Hack That Shit
Evil Twin Attack with Fluxion

Evil Twin Attack with Fluxion

by

Introduction

What if you could trick a user into giving you their Wi-Fi password, no cracking involved?

Enter the Evil Twin Attack — a phishing-based Wi-Fi attack where you clone a real network, disconnect users, and lure them into connecting to your fake access point. Once they do, you phish their WPA2 password with a realistic-looking login page.

Let’s explore how to do this ethically using a tool called Fluxion.

❓ What is an Evil Twin Attack?

An Evil Twin is a fake access point (AP) that mimics a legitimate Wi-Fi network:

  • Same SSID as the real AP

  • Broadcasts stronger signal to attract clients

  • Phishes for the WPA2 password through a captive portal (webpage)

Think of it like a fake ATM asking you to re-enter your PIN.

⚙️ Tools Needed

  • Kali Linux

  • Wi-Fi adapter with monitor mode + AP mode

  • Fluxion tool (automates everything)

  • Basic terminal knowledge

🔧 Installing Fluxion

git clone https://github.com/FluxionNetwork/fluxion.git
cd fluxion
sudo ./fluxion.sh

Fluxion auto-checks dependencies and launches a terminal UI.

Step-by-Step: Launching an Evil Twin Attack with Fluxion

1. Scan for Targets

Start Fluxion by running the tool in your terminal.

Steps:

  • Select your wireless interface (e.g., wlan0mon)
  • Scan for available Wi-Fi networks
  • Choose a target with WPA2 protection

2. Handshake Capture

Fluxion captures the handshake using a combination of:

  • Running airodump-ng to listen for packets
  • Sending deauthentication packets to disconnect users
  • Waiting for one or more clients to reconnect

If Fluxion doesn’t capture a handshake, it will not proceed to the next phase.

3. Create the Fake AP

After a valid handshake is captured, Fluxion will:

  • Start a fake Access Point (AP) with the same SSID as the target network
  • Force clients off the real AP using deauthentication
  • Trick users into reconnecting to the fake AP

4. Launch the Phishing Portal

Once clients connect to the fake AP:

  • Fluxion presents a legitimate-looking Wi-Fi login page
  • Users are prompted to enter their Wi-Fi password
  • Fluxion verifies the password against the captured handshake in real-time

If the entered password is correct, Fluxion will display:

Password is correct. Attack completed.

Why Evil Twin Works?

  • Most users blindly reconnect to saved networks

  • Captive portals are common in cafes/hotels — users expect them

  • No password cracking needed — users give it away

How to Defend Against It

  • Don’t enter passwords into unexpected login pages

  • Use HTTPS Everywhere and VPNs

  • Always verify router MAC addresses

  • Set your device to “Ask to Join Networks” mode

Legal Warning

Running an Evil Twin Attack in public is highly illegal and intrusive. You must only run this on:

  • Your own router/lab

  • With full consent from the owner

This is for educational, ethical hacking purposes only.

Wrapping Up

The Evil Twin Attack is a powerful way to test how easily users can be fooled into giving up Wi-Fi credentials. With Fluxion, the entire process is automated — from handshake capture to password phishing.

Next up:
🔓 Part 11 – WPS Attacks with Reaver & Bully: Crack WPA2 Without a Password

1 thought on “Evil Twin Attack with Fluxion”

  1. Pingback: PMKID Attack – Crack Wi-Fi Without a Handshake

Leave a comment

Table of Contents

Index