Wi-Fi

Pre-reqs

You’ll need some Wi-Fi equipment that supports monitor mode, which is not the same as promiscuous mode. People usually go for Alfa gear just because, but a cheaper Realtek, TP-Link, Atheros, Netgear, … USB dongle will do the trick most of the time.

All you need to check is whether it can switch to monitor mode and what output (Tx) power it has; the latter is simply a matter of the louder you scream, the more people will hear and possibly answer.

You’ll probably need this too ;)

Monitor Mode

Just copy-paste, change <wifi-interface> to match yours, and be done with it…

airmon-ng check kill
ip link set <wifi-interface> down
iw dev <wifi-interface> set type monitor
ip link set <wifi-interface> up

You can also set the Tx power (in mBm, so 3000 = 30 dBm) with

iw <wifi-interface> set txpower fixed 3000

But you’ll end up breaking your stuff if you push it too hard, so RTFM first!!!
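As an added example (not from the original post), here is a small POSIX shell wrapper that checks the adapter's phy actually advertises monitor mode, by parsing `iw phy <phy> info` / `iw list` output, before running the commands above; the interface and phy names are placeholders and the sample output is constructed, not captured from real hardware.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes iw and ip (iproute2) are
# installed; interface/phy names are placeholders, samples are constructed.

# Read `iw list` / `iw phy <phy> info` text on stdin; succeed (exit 0) only if
# the "Supported interface modes" block contains "* monitor".
supports_monitor() {
    awk '
        /Supported interface modes:/ { inblock = 1; next }
        inblock && /^[[:space:]]*\* / { if ($2 == "monitor") found = 1; next }
        inblock { inblock = 0 }          # first non-"*" line ends the block
        END { exit(found ? 0 : 1) }
    '
}

# Put <wifi-interface> into monitor mode, refusing if the phy cannot do it.
enable_monitor() {
    iface="$1"
    phy=$(iw dev "$iface" info | awk '/wiphy/ { print "phy" $2 }')
    if ! iw phy "$phy" info | supports_monitor; then
        echo "$iface ($phy) does not support monitor mode" >&2
        return 1
    fi
    airmon-ng check kill
    ip link set "$iface" down
    iw dev "$iface" set type monitor
    ip link set "$iface" up
}

# Constructed snippets of `iw list` output so the check can be exercised
# without hardware (wiphy names and mode lists are made up).
SAMPLE_WITH_MONITOR='Wiphy phy0
    Supported interface modes:
         * IBSS
         * managed
         * AP
         * monitor
    Band 1:'
SAMPLE_WITHOUT_MONITOR='Wiphy phy1
    Supported interface modes:
         * managed
         * AP
    Band 1:'

# Feed a sample to the parser and answer yes/no.
check_sample() {
    if printf '%s\n' "$1" | supports_monitor; then echo yes; else echo no; fi
}
```

Run `enable_monitor wlan1` (or whatever your dongle is called) as root; the dongle is left untouched if its phy does not list monitor mode.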

What is this about?

Wi-Fi specific attacks and a little bit more ;)

WEP

Old-school!

WPA/WPA2 4-way handshake attack

Simple warm up here!

PMKID Attack

Simple warm up here too!

KRACK

༼ つ ◕_◕ ༽つ SUMMON THE KRAKEN ༼ つ ◕_◕ ༽つ

Evil twin attack

Are you me? Am I you? Can you scream louder than me?

The Setup

I would recommend buying an OpenWrt-compatible Wi-Fi router like one from GL.iNet, and setting it up so that you just need to flip a switch to start pwning. They’re small, can run on power banks AND have native OpenWrt support… What more could you ask of a cheap alternative to a Pineapple?

As of now, and until I update my setup for the walkthrough, I usually go for wifiphisher (https://github.com/wifiphisher/wifiphisher) on a Raspberry Pi, which is more or less the same. Yes, you can easily do it by hand with iptables, some config, rerouting, …, but hey, where’s the fun in that?

You can do this with only one Wi-Fi interface, but then you won’t be able to run the deauth part of it, so get at least one extra USB dongle or something…

PEBKAC

Client Isolation

KARMA

The Enterprise version

EAP-TLS

LEAP

PEAP/EAP-TTLS

PMK-RADIUS