• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
KaliTut

KaliTut

Kali Linux tutorial and Linux system tips

  • Home
  • Raspberry Pi
  • Privacy Policy
  • About us

infernal twin Automated Evil Twin Attack

Last Updated on May 20, 2021 by Kalitut 3 Comments

Automated Evil Twin Attack: infernal-twin

What is evil twin attack?
Evil twin is a term for a fake WiFi access point, it appears to be a legitimate one offered on the premises, but it has been set up to snoop “spy” on your wireless communications.
An evil twin is also called wifiphisher it’s the wireless version of the phishing scam that hackers use to hack online accounts
The attacker fools wireless users to make them connect to a tainted hotspot by posing as a legitimate provider.

evil twin attack kali

This type of fake wifi attack may be used to steal the passwords of the users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there in a simple word it’s wifi phisher

This tool was created to help the auditors and penetration testers to perform wireless security assessment in a quick manner and easing complex attack vectors.

it is an automatic wifi hacking tool, it’s a Python suite created to aid penetration testers during wireless assessments, many of the common attacks can be done automatically by using this tool
which can get complicated and hard to manage when executed manually.

FeaturesWhat this tool will do
1-WPA2 hacking
2-WEP Hacking
3-WPA2 Enterprise hacking
4-Wireless Social Engineering
5-SSL Strip
6-Evil Access Point Creation
7-Infernal Wireless
8-Report generation
9-PDF Report
10-HTML Report
11-Note taking function
12-Data is saved into Database
13-Network mapping
14-MiTM
15-Probe Request
1-Set up monitoring interface
2-Set up DB
3-Scan wireless network in the range
4-Connect to the network selected SSID
5-Obtain login page of authentication
6-Modify the login page with attacker
controlled php script to obtain the credentials
7-Set up Apache Server and serve fake login page
8-Give a victim an IP
9-Set up NAT table
10-Dump the traffic
11-Perform Deauthentication Attack

To create an access point, we need two network adapters, one to connect to the Internet, and the second – this will be the access point i.e. The laptop’s built-in network card and monitor mode WiFi adapter

how Evil Twin attack work ?

The attacker set up a fake Wi-Fi access point, purporting to provide wireless Internet services
and eavesdropping the user’s traffic. with this type of attack, the attacker can know everything you are doing every web you open and steal every password you type, of course, they can if you are not protecting yourself

and if the attacker just want to know your Wifi credentials he can serve you to a fake login page asking your for your wifi password to steal the password, and not just a fake wifi login page
he can also serve you to a fake login page for any of the websites you are trying to open.
yes, your sensitive data is between the attacker’s hands once you connect to fake wifi, The attack scenario could be exploited to run man-in-the-middle attacks or to serve malware to the computers in the targeted network.

To avoid evil twin access point attack…
There is no magic button and you need to know some details about the real AP you are connected to or want to connect to. for example

  • The MAC address of the real wireless access point
  • The DHCP IP address the gateway and the DNS server that it hand out
  • Apart from that, you might find the evil twin using a different frequency than the original, like the true AP being on 2.4GHz and the evil AP being on 5GHz

it’s hard to avoid fake WiFi and even almost impossible to have all of that information with you when ever you want to connect to an access point , but this is the only way to know its real and not fake WiFi

For wireless network administrator

To protect your users from fake wifi connection you can use EvilAP Defender it’s an application that will help you discover and prevent Evil Access Points from attacking wireless users.
You can set up the application to run in regular intervals to check if there is any fake access point and protect your wireless network from Evil Twin attacks.
You can also configure EvilAP Defender to send notifications to your email whenever it discovers an evil access point.
and you can configure EvilAP Defender to perform DoS on the legitimate wireless users to prevent them from connecting to the discovered evil AP, this will give the administrator more time to react.
However, notice that the DoS will only be performed for evil APs which have the same SSID ( wifi Name ) but different BSSID (AP’s MAC address) or running on a different channel.
To avoid DoS your legitimate network. you can read more about it here Link

How to run infernal twin

Back to infernal twin now lets see what we need to start a fake wifi hotspot

To be able to use infernal twin you need

  • Apache module
  • mysql database
  • Scapy packet manipulation tool for computer networks
  • wxtools debugging framework.


To install the packages we need to follow these steps:
Use sudo if you are not root most of those packages are included in Kali Linux but just in case you are not a Kali Linux user

apt-get install apache2
apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql
apt-get install python-scapy
apt-get install python-wxtools
apt-get install python-mysqldb
apt-get install aircrack-ng
git clone https://github.com/entropy1337/infernal-twin.git

Now lets Start Infernal Twin by:

cd infernal-twin
python InfernalWireless.py
or
InfernalWireless.py

If it’s the first time you use infernal-twin it’s a good idea to run configure
to do so…
Click File then Configure software

For enterprise packing you need freeradius
you check if you have it or not by
click tools then check freeradius
if you don’t have it after clicking “check freeradius” it will give you links for download

keep in mind wifi attack is Legal you should never make a fake wifi hotspot over an access point you don’t manage

Filed Under: Tutorials Tagged With: infernal twin

Comments

  1. Prong's says

    July 29, 2016 at 8:29 pm

    Im getin this erros:
    Traceback (most recent call last):
    File "InfernalWireless.py", line 80, in
    cxn = MySQLdb.connect('localhost', username, password)
    File "/usr/lib/python2.7/dist-packages/MySQLdb/__init__.py", line 81, in Connect
    return Connection(*args, **kwargs)
    File "/usr/lib/python2.7/dist-packages/MySQLdb/connections.py", line 187, in __init__
    super(Connection, self).__init__(*args, **kwargs2)
    _mysql_exceptions.OperationalError: (1045, "Access denied for user 'root'@'localhost' (using password: NO)")

    Reply
  2. Walid Salame says

    July 30, 2016 at 4:45 am

    after what command you are getting this error ?

    Reply
  3. Unknown says

    August 30, 2016 at 3:49 pm

    python infernalwireless-twin after this cmd i m geting [Error 2]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow us

  • Facebook
  • Twitter
  • YouTube

Categories

  • Android pentesting tools
  • Arduino
  • Books
  • Darknet
  • database
  • General
  • Github Tools
  • Hacking
  • Kali Linux
  • Linux
  • Linux Commands
  • Network Administrator
  • Penetration Testing
  • Penetration Testing Tools
  • PowerShell
  • Raspberry Pi
  • resources
  • Review
  • Termux
  • Tutorials
  • Ubuntu
  • Uncategorized
  • Video Tutorials
  • vmware
  • WiFi Adapter
  • WiFi Pentesting
  • Wireless Router
  • Wireshark

Recent Posts

  • ZimaBoard Hackable Single Board Server Review
  • Hijacked Wi-Fi? Thorough explanation of hacking techniques
  • Windows PowerShell tutorial for beginners
  • Learn to Hack Steps from Beginner to Hacker
  • PowerShell Tutorial – GUIDE introduction with basics
  • Home
  • About us
  • Privacy Policy
  • Affiliate disclaimer

Copyright © 2023