Cracking wifi password with fluxion [COMPLETE]
Fluxion
Fluxion is a great tool for wap2 wifi password cracking , this tool simplifies the complexities when trying to implement "EVIL TWIN" attack, evil twin is one of the best approach when it comes for wifi password stealing ,fluxion reduces the manual work and makes everything automatic.Lets start cracking !!!!!!
Download the fluxion from Github link
(or)
git clone https://github.com/wi-fi-analyzer/fluxion.git
Step 1: Open termianl and extract and go to fluxion-master folder and ./fluxion.sh and press Enter.
step 2: You can see the fluxion banner and its dependencies .
If the dependencies are not met then download the dependencies for me 3 of the following is not installed so i am going to install those ,
- apt-get install isc-dhcp-server
- apt-get install lightttpd
- apt-get install php-cgi
step 3: ./fluxion.sh
It will show "OK" for everything then we are ready!!!!.
It will prompt for the language that you want to use.
Select 1 for ENGLISH.
Step 4: Select the interface of the wifi adapter.
TP-LINK TL-WN722N Version 1.10.
step 4: Then select the specific channel or all the channel that you want to attack.
I am selecting all the channel.
Step 5: All the AP that are inside the range will be shown for this attack , at least one client associated with the network must be connected to the target AP in order to capture the Handshake file and perform this attack.
My target is my own AP and the name of the target is "wifihere" :)
[NOTE] : PLEASE TRY IT WITH YOUR OWN NETWORK . I AM NOT RESPONSIBLE IF COPS KNOCKS YOU DOOR.THIS IS ONLY FOR EDUCATIONAL PURPOSE.
You can note that the one of the client is connected with my network (My mobile).
Wait for some time un-till it captures all the packets that are floating around .
CTRL + C to quit the progress.
step 6: Select the Network that you want to attack for me [1] + ENTER .
step 7: You can see the Information of your target AP .
Select this option === > [1]FAKEAP -hostapd(Reco..)
step 8: Select the location to store the handshake file i am going to leave it blank and press enter
Step 9: Now we are going to capture the handshake file using pyrit.
step 10: select deauth all or deauth the specific mac from the AP these options . i am going to select deauth all options and proceed.
step 11: Now the wireless apapter will deauth packet frames to the target AP. After the deauth packet reaches the AP it will disconnect all the clients from the AP , then all the clients will initiate the Handshake progress again [We force to make this] , now we capture the Handshake file. After capturing You can see the WPA Hanshake on the top.then press ctrl + c to exit if the handshake process is complete or wait for the handshake capture process to get complete.
step 12: Now lets verify the handshake file is in correct or not. if failed again do the handshake capturing progress.
select check handshake and proceed.
step 13: after checking file then create a SSL certificate i.e(UI that asks user for the password that looks like the authentic one
 |
Step 14: select web interface and proceed.
step 15: You can see a list of web interfaces select any of the one that corresponds to you AP , in case your trying for tp link router there is web interface available , if not available select OPTION English and Proceed.
step 16: After selecting the web interface and FAKE AP is created and enabled . you can see below.
Then after few seconds all depended services will be started automatically and waits for the client to be connected to this "FAKE AP" the client cannot be able to connect to the Original AP because deauth packets are send continuously to the original AP [BOTTOM RIGHT]. so we force them to connect to our AP.
You can see from the target side ,after connecting to the FAKE AP he tries to go to google.com but he end up with this password prompt.
step 17: If the password that is given by the target is correct then all the progress will stop automatically and the password will shown and saved.
Yea Finally we got the password !!!!!!!!!!!!!!!!!!!!!!!!!!.
Comments
Post a Comment