I have designed this phishing page to grab the password of the victim wireless router. PTCL is basically an ISP in my country.
I want to know how can I redirect my victim to this page through "Evil Twin Attack" method. As you guys know, the
evil twin method redirects the victim to a credential login screen which doesn't really look legitimate (especially to people living in my vicinity) but once they'll see this page which looks almost legitimate and a bit official, they'd be probably convinced to sport the keys.
Does someone know how could I do that?
Thanking in advance.
5 Responses
You can use dnsspoof, here is a tutorial: https://null-byte.wonderhowto.com/how-to/hack-like-pro-spoof-dns-lan-redirect-traffic-your-fake-website-0151620/.
DNS Spoof will work only if I'm connected to the same network as the victim.
And being connected to that network requires "PASSWORD" for which I designed this phishing page.
If I'm connected to the same network then that means I already know the password, what's the need of the phishing page then?
Build an evil twin, turn up the power and when people try to login direct them to your web page.
hi there master OTW! First of all, you're amazing! I've checked so many thread of you, and i learned a lot from your threads including your Evil Twin, it was so amazing, but i have the same question with Hamza. How can we redirect ALL the traffics of our target when connected to our Evil Twin, to a specific site and ask for WPA2 keys (In Hamza case is his own designed Phishing page). I've tried WifiPhisher, it worked pretty well though, only 1 problem is it didn't send deauth to the target AP, i have tested on my OWN network and smartphone, when wifiphisher is all set up well, my smartphone still stayed on the wifi and not being bumped out? i guess the wifiphiser didn't bump my phone out, in that case the victim will never connect to our Evil Twin 'cuz they are not bumped out from the target AP. And I can't do Aireplay --deauth when i use Wifiphisher, vice versa. Also i really want to do the procedure by myself step-by-step 'cuz it will help me more understand the commands and how they work, i just love to do from your Tutorial, I think it would be more nice if u make a TUT on how to set up a phishing page and redirect the target to that page and ask for wpa keys when they connected to our Evil Twin! Sorry for my bad English and any uncomfortable if u may have with my question....! Have a nice day!!
After eviltwin you can redirect all http and https traffic to your phishing page by using iptables.
let me know if you need any further info.
Share Your Thoughts