Skip to content
/ Evil-Twin Public

Evil Twin spoofing cyberattack - scanning access points in the area and choosing a victim to deauthenticate, create a fake AP and open a captive portal.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alonfirestein/Evil-Twin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
.idea
.idea
 
 
__pycache__
__pycache__
 
 
conf_files
conf_files
 
 
fake_web
fake_web
 
 
README.md
README.md
 
 
ap_mac.txt
ap_mac.txt
 
 
attack.py
attack.py
 
 
change_modes.py
change_modes.py
 
 
defense.py
defense.py
 
 
get_iface_name.sh
get_iface_name.sh
 
 
helper.py
helper.py
 
 
iface_name.txt
iface_name.txt
 
 
requirements.txt
requirements.txt
 
 
setup.sh
setup.sh
 
 
start.py
start.py
 
 

Repository files navigation

Evil-Twin

An evil twin attack is a spoofing cyberattack that works by tricking users into connecting to a fake Wi-Fi access point that mimics a legitimate network. Once a user is connected to an “evil twin” network, hackers can access everything from their network traffic to private login credentials.

Evil twin attacks get their name from their ability to imitate legitimate Wi-Fi networks to the extent that they are indistinguishable from one another. This type of attack is particularly dangerous because it can be nearly impossible to identify.

This project includes the methods used for an Evil Twin attack, as well as a defense mechanism to detect and defend from such an attack.

Prerequisite:

  • A laptop with a NIC that can enter monitor mode
  • Or an external wifi adapter that can be conncted and enable monitor mode
  • Libraries and tools used: Python 3.8+, Scapy, airmon-ng, hostapd, iptables, gnome-terminal, apache2, net-tools

Note* - This program was written and tested on Ubuntu 20.04, but should work on most Linux machines.

To ensure that all necessary packages are installed:

bash setup.sh

To start the main program:

sudo python start.py

**From there the program will guide you in the terminal console. **

Start screen

Evil Twin Attack:

The steps taken to initate the attack are:

  • Get the necessary details of the adapter and its interface name.
  • Scan for all available access points in the area.
  • Select an AP from the list of discovered access points.
  • Scan for users connected to the selected AP.
  • Select a victim to perform the attack on from the list of scanned users connected to the chosen AP.
  • Deauthenticate the victim: disconnect him from his wifi connection.
  • Create and activate the fake access point that will be a "twin" of the original access point that the user was connected to.
  • Wait for the user to reconnect to our fake AP, and our captive portal will ask him for his email and password.
  • After getting their sensitive info, we need to deactivate the fake AP to avoid detection.

Evil Twin Defense:

Here we choose to try and defend ourselves from an Evil Twin attack for a certain time (as needed). This tool will receive details including the mac address of the current wifi network we are connected to. If it detects a certain number of deauthentication packets, it warns us (the user) and after a certain threshold of these packets counted, it will reset our computers network manager to prevent the deauthentication process.

Captive Portal:

I chose for my captive portal to be more of a joke than to try and scam someone such as creating a clone of a popular social media or bank website or even wifi credentials. But just to capture the idea of my captive portal that opens when the victim connects to my fake access point. Once the users clicks submit, the info is then saved to the "passwords.txt" file.

Start screen

About

Evil Twin spoofing cyberattack - scanning access points in the area and choosing a victim to deauthenticate, create a fake AP and open a captive portal.

Topics

python linux scapy network-programming

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages