How To Hack Wifi using Evil Twin Attack Using Linset – Hacking Wifi Without using wordlist in WifiSlax

Hello, in this article you are going to learn how to hack a Wi-Fi WPA/WPA2 network, whether WPS is enabled, locked or unlocked. This is one of the best methods to hack Wi-Fi without using a wordlist, Reaver or any other method. It is called the EVIL TWIN ATTACK. An evil twin creates a new fake access point and lures the victim into entering their password. Unlike other methods, the chances of hacking the Wi-Fi password with this method are 95%; only a few routers are secured against the evil twin attack.

No reaver, No Wordlist, No normal tricks – Best way to hack wifi in Linux

An evil twin attack creates a fake access point with the same name as the network that we want to hack, de-authenticates the clients from their network and stops their connectivity. When the victim tries to reconnect, they find the new network with the same name as their own and connect to it; sometimes Windows disconnects from the original network and connects to the fake free network by itself. A web page then appears which asks the victim to enter their Wi-Fi password, and unless they enter it, they can’t access Wi-Fi. That’s how it works: easy, simple and the best way to hack Wi-Fi without using a wordlist.



What is Evil Twin Attack?

An evil twin is a fake Wi-Fi access point that appears to be legitimate, set up to capture credentials on wireless communications. The evil twin method works like any other phishing attack: it creates a phishing page which sends the entered credentials over the local network (LAN).

This type of attack may be used to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves setting up a fraudulent website and luring people there. Often, users are unaware they have been hacked until well after the incident has occurred.

How Evil Twin Attack Works?

Fake access points are set up by configuring a wireless card to act as an access point (known as HOSTAP). They are hard to trace since they can be shut off instantly. The counterfeit access point may be given the same SSID and BSSID as a nearby Wi-Fi network. The evil twin can be configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection, or it can simply say the system is temporarily unavailable after obtaining a username and password. 

Process of Evil Twin Attack

1) Scan the networks.

2) Select network.

3) Capture handshake (can be used without handshake)

4) Choose one of several web interfaces (available thanks to the collaboration of the users)

5) A FakeAP imitating the original is set up

6) A DHCP server is created on FakeAP

7) It creates a DNS server to redirect all requests to the Host

8) The web server with the selected interface is launched

9) The mechanism that checks the validity of the entered passwords is launched

10) All users of the network are deauthenticated, in the hope that they connect to the FakeAP and enter the password.

11) The attack stops once the correct password has been verified


Requirements To hack Wifi Password Without using Wordlist

1)   Laptop
2)   WifiSlax (Operating System)
3)   Linset (Mostly Inbuilt)
4)   Pendrive or Flash Drive (2gb or higher)
5) Universal USB Installer

Software Requirements for Linset 

Linset is a BASH script, so quite a list of external apps is required for it to perform an evil twin attack successfully.

What is WifiSlax and Why WifiSlax

WifiSlax is one of the best Spanish Linux operating systems. It is one of the most famous operating systems for Wi-Fi hacking; to be precise, this Linux-based operating system is made for hacking Wi-Fi networks. WifiSlax has all the tools required to hack Wi-Fi built in, Linset included. So for this tutorial, I am using WifiSlax.

How To hack Wifi Using Evil Twin Attack Using Linset

Step 1: Install WifiSlax in Flash Drive or Pendrive using universal usb installer 
Step 2: Start WifiSlax 

1)   Click on “Change To English Menu”

2)   Click on “Run with SMP Kernel”

3)   Click on “WifiSlax with KDE Desktop”

4)   That’s it WifiSlax will start now

Step 3: Go to WifiSlax → WPA → Linset (Evil Twin Attack)

Step 4: Linset will start the required tools

Step 5: Select Wlan0

Step 6: type “1” to select Wlan0

Step 7: Enter “1” to select “todos los canales” which means select all channels. We need to search all channels to get all the networks available near you. If you want to hack a particular network whose channel number you know already, select 2 and proceed.

Step 8: All the available networks will be shown now. Wait 2-3 minutes for the search to complete and press “CTRL+C” to stop the search

Step 9: Select the network that you want to hack from the list shown as in the below picture

Step 10: Enter the number of the network that you want to hack, in my case I am hacking my own network which is “Virus” and is located at number 5

Step 11: Now we need to select hostapd, so type “1”

Step 12: We need to enter the path of the handshake. There is no need to enter any address; by default it takes some root/micaprura.cap, so just hit “Enter” without typing anything

Step 13: We are going to capture the handshake using aircrack-ng, so enter “1”

Step 14: We need to deactivate the process after the handshake is created, so we need to select “realizar desaut. masiva al ap objetivo”, that is “1”

Step 15: Now the handshake capturing process will start, and 2 windows will open. We need to wait until the handshake is created. You must capture the handshake to proceed.

Step 16: After the handshake is captured, close the deauthentication box

Step 17:  Select “Si” which means “Yes”. So, Enter “1”

Step 18: Select “Interface Web Nutra”. So, Enter “1”

Step 19: Select your language. I am selecting “English” as the content in my country is displayed in English. You can choose accordingly and enter the number

Step 20: Now the main process will start. DHCP, fake DNS, AP, deauth all, and Wi-Fi info dialog boxes will open. You need to wait until the client is connected to our network.

Step 21: Check for active clients. The victim cannot access their internet connection until we stop the process. DHCP and deauth all stop them from receiving any packets, which makes them shift to another network, i.e. our fake access point or fake network signal

In this process, a DoS attack is launched, the victim loses their internet connection, and the victim sees it as "Limited Connection"

When you are at this step, you can even eavesdrop on the victim. You can see all the websites they surf; each and every detail is displayed in FAKE DNS

Now I will show you what happens when the process is started.
The original network gets disconnected, our newly created fake network with the same name connects to victim’s network and a page pops up

This is the page that appears. The page changes from language to language; as I selected English, the content is displayed in English

Unless the victim enters the password, they can neither access the internet nor move away from the page.

After Victim enters the password, they can get access to their old network.

Step 22: After the victim enters the password it will be immediately shown in our window. 

This is the process to hack any kind of Wi-Fi password very easily using the evil twin attack or fake access point method. As this works without a wordlist and without Reaver, it is one of the best methods available for hacking Wi-Fi WPA/WPA2, WPS-enabled and even WPS-locked networks, but the only disadvantage is that it requires the victim's involvement.

How To Secure Yourself From Evil Twin Attack 

1) Do not connect to any public networks; anyone can sniff your data while you are on a public network. An evil twin attack is performed as a public network, so wherever possible avoid connecting to any open or public networks, especially if the Wi-Fi name is the same as your own Wi-Fi name

2) When your internet connection suddenly stops working, you might be under a DoS attack as part of an evil twin attack. Just restart the router; the hacker then needs to restart the attack, and as that takes some time, they may give up or continue some other time

3) Run a VPN to ensure that any browsing and transmitted data goes through an encrypted tunnel that cannot be easily snooped.

4) Do not always rely on the name of the network; make sure it is a legitimate and trusted network.
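
An added example, not part of the original article or of Linset: points 1 and 4 can be checked programmatically by comparing a Wi-Fi scan against what you know about your own network. The SSID, BSSIDs, record layout and the function name find_evil_twin_indicators are assumptions made for illustration, and the scan data is constructed.

```python
from collections import defaultdict

# Assumed baseline: what the defender knows about their own network (constructed values).
TRUSTED = {"HomeNet": {"security": "WPA2", "bssids": {"aa:bb:cc:00:00:01"}}}

# Constructed scan results, in the shape a Wi-Fi scanner might report them.
SAMPLE_SCAN = [
    {"ssid": "HomeNet", "bssid": "aa:bb:cc:00:00:01", "channel": 6, "security": "WPA2"},
    {"ssid": "HomeNet", "bssid": "aa:bb:cc:00:00:01", "channel": 11, "security": "OPEN"},
    {"ssid": "HomeNet", "bssid": "de:ad:be:ef:00:02", "channel": 1, "security": "OPEN"},
    {"ssid": "CoffeeShop", "bssid": "11:22:33:44:55:66", "channel": 3, "security": "OPEN"},
]

def find_evil_twin_indicators(scan, trusted):
    """Return sorted (ssid, bssid, reason) findings for trusted SSIDs only."""
    findings = set()
    seen = defaultdict(set)  # (ssid, bssid) -> {(channel, security)}
    for ap in scan:
        profile = trusted.get(ap["ssid"])
        if profile is None:
            continue  # not one of our networks, nothing to compare against
        bssid = ap["bssid"].lower()
        # Our network is encrypted; an open network with its name is suspect.
        if ap["security"] != profile["security"]:
            findings.add((ap["ssid"], bssid, "security-downgrade"))
        # Our SSID announced by a radio we do not own.
        if bssid not in profile["bssids"]:
            findings.add((ap["ssid"], bssid, "unknown-bssid"))
        seen[(ap["ssid"], bssid)].add((ap["channel"], ap["security"]))
    # The same BSSID seen with two channel/security combinations in one scan
    # suggests a second radio is copying the real AP's address.
    for (ssid, bssid), variants in seen.items():
        if len(variants) > 1:
            findings.add((ssid, bssid, "cloned-bssid"))
    return sorted(findings)

if __name__ == "__main__":
    for ssid, bssid, reason in find_evil_twin_indicators(SAMPLE_SCAN, TRUSTED):
        print(f"{ssid} {bssid}: {reason}")
```

If your network legitimately uses several access points, list every one of their BSSIDs in the baseline so that only unexpected radios are reported.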

Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.


Unknown said...

Can I use a virtual machine?

local people said...

Bro!!!!! You are doing too good work👍👍👍👍👍👍👍👍👍👍
Keep it up

Patra said...

This is a great tutorial! Thanks man!
