In this video, discover what an evil twin rogue access point is and see a demonstration of the Mana Toolkit.
- An evil twin is a rogue access point which has been activated in order to attract unwary users to connect, and then acts as a man-in-the-middle monitoring their traffic. It does this by posing as a legitimate public hotspot access point. A good evil twin will look in every respect the same as its target. It will have the same SSID as a legitimate access point and the same BSSID, and will operate on the same channel, but with a stronger signal in its local zone. An evil twin may just wait for new devices to join the network, or it may forcibly de-authenticate clients from the legitimate access point to force a reconnect, this time to itself. In today's world, where free public Wi-Fi hotspots are becoming the norm, an evil twin is a significant threat.

Let's take a look at airbase-ng, which is a simple Kali tool for turning a wireless card into an access point. I'll start by setting my wireless LAN adapter into monitor mode. Let's see what access points are close by. Okay. We can see that my Telecom access point is active. I'll now set my adapter to "evil twin" it. We're now set up, so all we need to do is wait for a user to connect. I'll reconnect with my mobile, which was previously connected to the legitimate access point. And here we go, we can see my phone connecting. And I've now connected.

Now I've got a user on the access point, I can use Wireshark to monitor the traffic. I've started Wireshark, and I'll set a filter for the access point. And I'll select "wlan0mon" as the interface and start Wireshark capturing. Okay, I'm browsing the internet on my mobile, and I can see the traffic routing through Wireshark, as 802.11 packets. I'll stop the capture now. If we look at the traffic, we can see we're capturing and re-routing WPA encrypted traffic as a man-in-the-middle. With just a Kali distribution and a good external antenna, I've successfully used airbase-ng as an evil twin of my access point to harvest client connections.
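From the defender's side, the traits described in the transcript (a clone sharing SSID, BSSID and channel, a stronger local signal, forced de-authentication) leave traces a wireless monitor can check for. The following is an added example, not part of the video or of any tool shown in it; the baseline values, frame fields and thresholds are assumptions, and the sample capture is constructed.

```python
from collections import defaultdict

# Assumed baseline for the legitimate AP (constructed values, not from the video).
BASELINE = {"Telecom": {"bssid": "aa:bb:cc:00:11:22", "channel": 6, "security": "WPA2"}}

def seq_gap(prev, cur):
    """Forward distance between two 12-bit 802.11 sequence numbers."""
    return (cur - prev) % 4096

def find_twin_signs(frames, max_gap=64, rssi_jump=20, deauth_limit=5):
    """Return sorted (bssid, reason) alerts for a list of observed management frames."""
    alerts, last, deauths = set(), {}, defaultdict(int)
    for f in frames:
        bssid = f["bssid"]
        if f["type"] == "deauth":
            deauths[bssid] += 1
            continue
        known = BASELINE.get(f["ssid"])
        if known and bssid != known["bssid"]:
            alerts.add((bssid, "unknown BSSID for known SSID"))
        elif known and (f["channel"], f["security"]) != (known["channel"], known["security"]):
            alerts.add((bssid, "channel or security differs from baseline"))
        prev = last.get(bssid)
        if prev:
            # One radio advances its counter in small steps; two radios sharing
            # a BSSID interleave two unrelated counters and signal levels.
            if seq_gap(prev["seq"], f["seq"]) > max_gap:
                alerts.add((bssid, "sequence counter jump"))
            if abs(f["rssi"] - prev["rssi"]) >= rssi_jump:
                alerts.add((bssid, "abrupt RSSI change"))
        last[bssid] = f
    alerts.update((b, "deauthentication burst") for b, n in deauths.items() if n >= deauth_limit)
    return sorted(alerts)

def beacon(seq, rssi, security="WPA2", bssid="aa:bb:cc:00:11:22", channel=6):
    """Build one constructed beacon observation for the sample SSID."""
    return {"type": "beacon", "ssid": "Telecom", "bssid": bssid,
            "channel": channel, "security": security, "seq": seq, "rssi": rssi}

# Constructed capture: a clone with the same SSID, BSSID and channel appears
# with a stronger signal after a run of deauthentication frames.
SAMPLE = ([beacon(100, -70), beacon(101, -71)]
          + [{"type": "deauth", "bssid": "aa:bb:cc:00:11:22"}] * 6
          + [beacon(3000, -40, "OPEN"), beacon(102, -70), beacon(3001, -41, "OPEN")])

if __name__ == "__main__":
    for bssid, reason in find_twin_signs(SAMPLE):
        print(bssid, reason)
```

A clone that matches the baseline security setting still trips the sequence-counter and signal checks, because those depend on two radios transmitting under one BSSID rather than on what the beacon advertises.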
Note: This course is part of our test prep series for the Certified Ethical Hacker exam. Review the complete exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Selecting an antenna
- Configuring security
- Extracting WEP and network passwords
- Testing passwords
- Harvesting connections from rogue access points
- Attacking networks via Bluetooth
- Capturing wireless packets with Acrylic Wi-Fi
- Heat mapping with Ekahau
- Wi-Fi sniffing with Wireshark
- Testing the Internet of Things