In this video I demonstrate how to set up a Rogue Access Point (aka the Evil Twin attack), which is subsequently used to trick a mobile phone into authenticating with the aforementioned Rogue Access Point. When the mobile phone attempts to authenticate, it also sends the hashed credentials over the air, which can be sniffed and cracked if the password is weak.

Using WPA CCMP (AES) with a 64-byte (character) password is currently near impossible to crack though. (Unless that password is in a dictionary or wordlist for example.)

DISCLAIMER: Setting up Rogue Access Points is unethical, but is generally not illegal by itself. Deauthenticating clients (i.e. any type of device) from any network without explicit written permission is illegal in most countries. Logging on to any secured wireless network, which you have obtained access by cracking the handshake is also considered illegal in most countries. This is just a friendly reminder that just because you CAN, does not mean you SHOULD (hack everyone’s wireless networks).

Topics covered:
– Configuring Rogue Access Points
– Deauthenticating Associated Clients
– Capturing & Cracking The Handshake

Tools covered:
– Airbase-ng
– Aireplay-ng
– Airodump-ng
– Aircrack-ng

Stay tuned and subscribe for more upcoming videos showing actual hacks!