In this post, I will be talking about a type of attack vector called an Evil Twin AP.
An evil twin attack is the last resort when you're trying to gain access to someone's wireless network: if you can't crack the WPS PIN or brute-force the WPA-protected network, you would use an evil twin attack.
Why Is WPS So Hard to Crack?
Cracking the WPS PIN is now nearly impossible because networks have AP locking.
How Does An Evil Twin AP Work?
An evil twin attack is actually quite simple and there are lots of tools to automate the process.
The one we will be using is called Airgeddon.
An evil twin attack starts by cloning someone's access point so that it acts exactly like the legitimate AP (access point). Instead of providing normal access, the clone serves a malicious web server that asks the client to type in their WPA passphrase, and once they do that we steal their wireless network's password.
How Do I Get Clients to Connect?
We have created our evil twin AP, which acts exactly like the legitimate AP but serves a malicious web server. But how do we get clients to connect? This is where we need to de-authenticate the users from their own network using tools such as MDK3 or aireplay-ng. Once they disconnect from their AP (access point), they will connect to our evil twin AP. This attack will only work if you are near the AP or have a very strong antenna; otherwise the clients will just connect back to their own AP, not the evil AP.
Here is an example of how the Evil Twin AP works.
This is for educational purposes only. Do not do this to someone's network without permission.