Hey guyz, today I am here with the ultimate wifi hacking guide. Today I will be showing you how to hack wifi password using phishing attack with the help of a tool called Fluxion. You can check out the github page for the same here.
- First, the tool scan the networks.
- Then it captures the handshake (which then used to verify the password)
- Then it uses the web interface and create a fake access point (identical to the original).
- Then deauthenticates all clients from the original access point.
- A fake DNS server is then launched which captures all DNS requests and redirect them to the host running the script.
- Then a captive portal is launched which asks the victim to enter the wifi password.
- Then the entered password is verified with the handshake captured earlier.
- The attack automatically terminates as soon as the correct password is retrieved.
Now before we begin I have to say this whatever you do with this information is your choice I will not be blamed for anything what so ever. Don't be stupid and use this tool legally.
Requirement:
- A Linux-based operating system. I recommend Kali Linux but you can choose whichever you feel comfortable with. If you are new with linux and having difficulty choosing a distro check out this post.
- A internet connection to download required tools.
- A wifi card that support monitor mode and can broadcast network (I recommand TP-Link TL-WN722N
)
) Buy from Flipkart.
Getting Started:
- Open terminal session and type this command to download fluxion
git clone https://github.com/deltaxflux/fluxion.git
- After command is successfully terminated in type
cd fluxion
./install.sh
- Fluxion install script will automatically download and install other required tools.
- After everything is installed successfully type this command
./fluxion
- This will start fluxion
- then fluxion will ask you to select the language and hit enter
- after selecting your desired language select all channels and hit enter.
- then fluxion will start scanning the nearby networks once you see your victim ssid close the window.
- then select your network bssid and hit enter
- Then select FakeAP - Hostpad
- then fluxion will ask you to provide handshake just hit enter
- then fluxion will ask you to select the tool to capture the handshake use whichever you want (I used aircrack)
- now it will start capturing handshake
- when you see WPA handshake on top in the capturing handshake window type 1 in the fluxion and hit enter.
- now it will ask you for the ssl certificate, just create one.
- then select web interfaces
- then select one of the web interfaces from the list
- After the fluxion start some scripts, now fluxion will automatically terminate once it has the correct password.
- A prospective like this will open.
- This was happening on my phone.
- I was disconnected from my original network, and as you can see another network with the same ssid was appeared on the list, the only difference between them was that my original network is password protected but the fake acess point was "open".
- when I connected to the fake AP something like this opened
- When I entered the wrong password it showed an error
- After entering the correct password it showed this
- And on my linux pc I got this
- And the script was successfully terminated.
If you bump into any problem feel free to reach out to us in the comment section.
And Please like our new facebook page so that you never miss new posts from us.
No comments:
Post a Comment