Hacking WPA WiFi through evil twin


So I see a lot of scripts like wifiphisher and fluxion. They work great, but the only sad part is when they clone the wireless network... Is it possible to let the user automatically connect to our fake access point by disabling their own access point, like without displaying the access point in the WiFi list?

7 minutes ago, Dave-ee Jones said:

Are you talking about the Pineapple? Because the Pineapple already does this by sending deauth packets to the clients, therefore 'helping' the clients connect to the Pineapple, allowing you to see any traffic they send over the network.

No, I'm talking about wifiphisher and fluxion... So is there any way I can do that, like shutting down the real access point and letting the user connect to my fake access point?

Yes, there is. You should look into 'deauthentication' packets. They are packets that tell clients to disconnect from the connected AP. The user has to then manually connect to the WiFi network again via the SSID. The client will automatically choose the strongest (closest) AP, so if your fake AP is more powerful and seems 'closer' than the other AP, it will choose to connect to yours.

Resources:

Null-Byte Tutorial on creating a fake AP

WiFi Jamming via Deauth packets

Aircrack-ng's Deauthentication Wiki

3 hours ago, xinjie00 said:

Is there any way to make the victim's WiFi disappear from the list? Because if so, the victim's only choice is to enter the password through the fake WiFi. If not, the victim has the choice to choose, meaning that attack is useless for attacking home WiFis.

Deauths will kick them off the AP, and so long as you're impersonating the same AP name, some (not all) clients will try connecting to you. Trying to make their AP disappear means they don't see you either, but not sure what you mean by "disappear" in this context. You can deauth to disconnect clients and then get them to reconnect to you, but it depends on the client's settings too and your proximity. You need to be relatively close in proximity to make decent use of the deauth attacks, which is why a Pineapple is ideal in close proximity use from, say, a backpack at like an internet cafe with the attacks automated to deauth, accept probes and log everything while a few feet from the router while closer to the clients trying to connect.

If you're 10 houses down the block, you would be more of an annoyance by keeping the neighbors' wifi from working as expected, but don't expect a ton of clients without enough antenna power to wrangle them in/overpower their AP signal, and some clients aren't going to just drop from WPA2 to open if it expects WPA2, but that depends on the OS. Many will just connect to anything. I know mobile devices seem to just connect to everything it thinks is the same named AP, WPA2 or not. Many will automatically connect and things like TVs and DVD players will probably connect without thinking twice about it, IoT devices like cameras, thermostats, cameras, etc. I don't think they have any protection mechanisms built in, but for many phones and PCs you can set it to not automatically reconnect, but that is generally not on by default for most things (that I know of). I know for my box, I change the settings to not automatically reconnect/connect, but there are no settings on my DVD player or TV to do this. I have to connect manually to all saved APs on my computer and phone, but you generally have to set them up like this.
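From the defender's side, the behaviour described in the reply above (clients joining any AP with the same name, WPA2 or not, and preferring the stronger signal) is what a scan-based check looks for. This is an added example, not part of the original thread: the baseline of known APs, the field layout and the sample scan rows are all constructed assumptions.

```python
# Constructed baseline: the APs this site really operates (assumption).
KNOWN_APS = {
    "HomeNet": {"bssids": {"aa:bb:cc:00:11:22"}, "security": "WPA2"},
}

# Constructed scan observations: (ssid, bssid, security, signal_dbm).
SCAN = [
    ("HomeNet", "aa:bb:cc:00:11:22", "WPA2", -62),
    ("HomeNet", "de:ad:be:ef:00:01", "OPEN", -41),   # same name, open, louder
    ("CoffeeShop", "11:22:33:44:55:66", "OPEN", -70),  # not in baseline, ignored
    ("HomeNet", "aa:bb:cc:00:11:22", "WPA2", -60),
]


def find_suspect_twins(scan, known):
    """Flag beacons that reuse a known SSID but do not match its baseline."""
    findings, seen = [], set()
    for ssid, bssid, security, signal in scan:
        base = known.get(ssid)
        key = (ssid, bssid.lower(), security)
        if base is None or key in seen:
            continue
        seen.add(key)
        reasons = []
        if bssid.lower() not in base["bssids"]:
            reasons.append("unknown-bssid")
        if security != base["security"]:
            # e.g. a WPA2 network suddenly advertised as open
            reasons.append("security-mismatch")
        if not reasons:
            continue
        # Signal of beacons that fully match the baseline for this SSID.
        legit = [s for n, b, sec, s in scan
                 if n == ssid and b.lower() in base["bssids"]
                 and sec == base["security"]]
        if legit and signal > max(legit):
            reasons.append("stronger-than-legit")
        findings.append({"ssid": ssid, "bssid": bssid.lower(),
                         "security": security, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_suspect_twins(SCAN, KNOWN_APS):
        print(f)
```

A sudden run of client disconnects shortly before such a beacon appears is a useful corroborating signal for the same alert.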

