Cyber Security-Red Team Operations Chapter-1 (Wifi Hacking)

Şervan Alkan
Oct 1, 2022

Read this article in Turkish at this link.

Hacking Wifi with Evil Twin Attack

Hello everyone, and welcome to the first of my Cyber Security-Red Team Operations articles. In this article I will give you information about the Evil Twin attack, which is one of the most effective methods of wifi hacking.

Figure 1. Red Team

WARNING!!!

This article is shared for educational purposes only. Do not try any of this on networks you do not have permission to test; I will not be responsible for any illegal acts you commit.

We will also need a Wifi card with Monitor Mode support. If you’ve come this far, I’ll leave it up to you to investigate what monitor mode, a wifi card, etc. are.

The reason this attack is more effective than most other methods is that our target is not a system, a password, etc. Our target in this attack is the “HUMAN”. The attacks hackers prefer most today target the human factor, because no matter how well you protect a system, it will always be vulnerable if there is a human factor in it.

As it is said in the movie WHO AM I: “NO SYSTEM IS SAFE..!”

Now let’s move on to our attack.

As a first step, we need to have Parrot OS. But don’t worry if you don’t have Parrot OS on your computer; I will explain how to install the AirGeddon tool on other Linux-based systems. I can hear you saying “I can’t do it with my Windows machine?”, but unfortunately you do need a Linux-based system. If you are not using one, you can install Parrot OS or Kali Linux in a virtual machine on Windows, and in an unbelievably simple way.

AirGeddon comes pre-installed on Parrot OS. I will explain how to install it on other Linux-based systems. Parrot OS users, and anyone who already has AirGeddon on their system, can proceed to the next step.

Figure 2. Hacker

Installation

Download the file from this link, go to your downloads folder and extract the ZIP file. Then go into the extracted folder and run the “airgeddon.sh” file from the terminal.

Figure 3. Airgeddon-Github Page

Attack
This screen will appear, and the tool will scan for any missing tools.

Figure 4. Airgeddon-First Look

You can have it download the missing tools by answering “y/yes” to the question it will ask you.

Figure 5. Airgeddon-Tool Checking

Once the necessary tools are downloaded, the following screen will appear.

Figure 6. Airgeddon-Network Interface Selection

We continue by selecting the Wifi card we have connected, and the attack menu appears.

Figure 7. Airgeddon-Attack Menu

First, we switch our Wifi card to monitor mode by choosing option 2, and then we select option 7, the Evil Twin attacks menu.

Figure 8. Airgeddon-Evil Twin Attack Menu

We choose the 9th option from the new menu that appears.
After that, a window opens that scans the surrounding networks, and we wait for a while so that it can find all of them.

Figure 9. Airgeddon-Exploring for targets

After waiting for a while, we stop the scan with Ctrl+C and we see a list of targets. Here, my humble advice is to choose networks with high PWR that are shown in yellow (networks with clients on them). This way our waiting time will be shorter and our probability of infiltrating the network will increase.

Figure 10. Airgeddon-Attack Type

After choosing our target, we answer “n/no” to the questions. If you want to follow the target when it changes channel during the attack phase, you can answer “y/yes” to the “DoS pursuit mode” question. If you want to spoof your MAC address (change it during the attack phase to leave fewer traces), you can also confirm the “MAC spoof” question. The choice is yours, but I usually say “n”. We also need to collect the handshake that is exchanged while a wifi connection is being established. For this, we answer “n” to the handshake question to say that we do not have a handshake file, and the program opens a screen for us to capture the handshake.

Figure 11. Airgeddon-Collecting Handshakes

When the handshakes are collected automatically, WPA Handshake appears in the upper right corner of the program, as in the photo above. Now that we’ve captured our handshake data, we’ve taken care of the bulk of the attack. All that’s left is to wait and wait patiently.

Figure 12. Airgeddon-Phishing

Before the attack, we set up the phishing page to which we will direct the victim. From the options seen above, we will choose English to be more convincing, and the programs that automate the different processes, shown below, will be opened for us.

Figure 13. Airgeddon-Attacking Phase

The victim will not be able to access the internet because we are constantly sending deauth packets to the wifi network they are connected to, and will instead connect to the fake network we have just created, which has the same features as the real one. Our fake network will send the victim to a fake authentication page and ask for the password. As soon as the victim, unaware of everything, enters the password, we will have collected the information we need. We then stop the deauth packets we are sending to the real network, which both lets the victim access the internet again and lets us connect to the network ourselves.
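
Seen from the defender's side, the two signals described above (a deauth flood against the real access point and a second access point advertising the same network name) can be correlated. The following is an added example, not part of the original article or of airgeddon; the SSID, BSSIDs, threshold and frame tuples are constructed, and it assumes the twin shows up with a BSSID or security setting that differs from the site's inventory.

```python
from collections import Counter

# Known-good inventory for the site (constructed values, assumption).
AUTHORIZED = {"CorpWiFi": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA2"}}
DEAUTH_THRESHOLD = 20   # deauth frames per window treated as a flood (assumed)
WINDOW = 10             # bucket size in seconds (assumed)

def sample_frames():
    """Constructed monitor-mode observations: (time, type, ssid, bssid, security)."""
    frames = [(0, "beacon", "CorpWiFi", "aa:bb:cc:00:00:01", "WPA2")]
    frames += [(1 + i * 0.1, "deauth", None, "aa:bb:cc:00:00:01", None) for i in range(60)]
    frames += [(5, "beacon", "CorpWiFi", "de:ad:be:ef:00:02", "OPEN")]
    frames += [(6, "beacon", "CafeGuest", "11:22:33:44:55:66", "OPEN")]
    return frames

def rogue_beacons(frames):
    """Beacons that reuse an authorized SSID from an unknown BSSID or with other security."""
    findings = []
    for t, kind, ssid, bssid, sec in frames:
        if kind != "beacon" or ssid not in AUTHORIZED:
            continue
        known = AUTHORIZED[ssid]
        reasons = []
        if bssid not in known["bssids"]:
            reasons.append("unknown BSSID")
        if sec != known["security"]:
            reasons.append(f"security {sec} != {known['security']}")
        if reasons:
            findings.append({"time": t, "ssid": ssid, "bssid": bssid, "reasons": reasons})
    return findings

def deauth_floods(frames):
    """BSSIDs whose deauth count in any WINDOW-second bucket reaches the threshold."""
    buckets = Counter(
        (bssid, int(t // WINDOW)) for t, kind, _, bssid, _ in frames if kind == "deauth"
    )
    return {bssid for (bssid, _), n in buckets.items() if n >= DEAUTH_THRESHOLD}

def evil_twin_alerts(frames):
    """Rogue twins, raised to 'high' when the real AP is being deauth-flooded too."""
    flooded = deauth_floods(frames)
    alerts = []
    for f in rogue_beacons(frames):
        real = AUTHORIZED[f["ssid"]]["bssids"]
        f["severity"] = "high" if real & flooded else "medium"
        alerts.append(f)
    return alerts
```

In practice the frame tuples would come from a monitor-mode sensor or a wireless IDS. Enabling Protected Management Frames (802.11w) on the real network removes the deauth lever this attack depends on.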

That’s all I have to say in this article, see you in my next articles…
