We all use Wi-Fi on our daily basis, but the question is do you really trust the Wi-Fi you are using? Many times people like us visit cafes, public places and connect to their open Wi-Fi network via mobile or PC’s, but do you realize that there could be a hacker behind that Wi-Fi network who is stealing all your data password and other information? Yes this could be a case!
So in this article I am going to tell you how to create a fake access point (Hotspot) to harvest login credentials. in simple words in this article I am going to tell you about an easy method to create a fake Wi-Fi hotspot so that you will be able to see all the data username and password of the devices connected to your fake hotspot.
Like always This article is just for educational purpose, use this wisely.
Everything depends upon the Wi-Fi hotspot you are creating so that the people will connect to the open hotspot and when a device makes an interaction to the internet via hotspot you will be able to see all the data like device name IP address MAC address and the request they are making.
1) First of all you need to create a fake access point or I can say of a hotspot where the people or let’s say our target can connect their devices too. You can do that using a tool known as Wi-Fi pumpkin
Now the best thing about this Wi-Fi pumpkin is that it lets you create an access point with the very simple and easy method so once you clone the Wi-Fi pumpkin from the given link you should try it in your Kali Linux machine or you can also try it in your Windows PC but I will suggest you use a Kali Linux because of its simplicity and other tools availability make sure that after installing this Wi-Fi pumpkin you have to install hotspad and other requirements.
2) Now as you can see in the above image the GUI of the tool is very much simple and you can easily select the option and configure it accordingly.
3)To set up of fake Wi-Fi hotspot just go to the settings tab and here you can configure the name of the Wi-Fi and provide SSID make sure that your Hotspot name looks real and trustful like if you are near coffee shop or any kind of cafe you should name the Wi-Fi as a coffee shop name so people will think it’s the wifi provided by that coffee shop to owners and you will easily get more victims.
Now I am using my SSID name as jio-net because jio network is providing a lot of free Wi-Fi Hotspot for Free so it makes it more genuine and real and the user can trust it. Now configure other details like channel settings, and BSSID, whether you want HTTP request authentication and other details you should also assign the IP range and the activities you want to monitor.
4) Now after all the configuration is done you can start your Wi-Fi hotspot with the common name as we discussed in the earlier point.
5) Once you put your Wi-Fi. The devices will start to get connected and you can see the name under the home tab.
6)Now as the devices Get connected they will start to send requests to the server through your fake Wi-Fi hotspot you can see all the logs under activity monitor tab it has all the logins and all kinds of HTTP and other request made by the device with source and destination IPs
6) Now that you have all HTTP request the URL source and other data which is passing through your network you can easily locate to the URL and search for HTTP header so that you will get the username and password if someone is not using a secure network.
7) You can enhance the level of hacking by using different plugins under the plugin tab many advanced tools are there and keyloggers are also available. Under the images can you can view all the images that are being loaded on the website and also all the data which is being exchanged from server to the device
8) This way you can spy on anyone and you know what kind of information is being exchanged without their knowledge.
Done! Now you will be able to see all the HTTP request and Username and Password of all the devices connected to your hotspot.
Share this article to help our us and make sure you follow us everywhere for more interesting content.