Scribd
Upload
298 views

Evil AP

This document summarizes how to use the Wifi Honey tool in Kali Linux to impersonate wireless access points and capture authentication attempts in an effort to crack passwords. It provides an overview of Wifi Honey, outlines the requirements which include Kali Linux, a WiFi adapter, and explains how to run Wifi Honey by specifying the fake access point name, channel, and interface. It also shows screenshots of running Wifi Honey and capturing authentication attempts from an Android phone trying to connect to the fake access point. The document concludes by noting the captured files can then be analyzed with aircrack-ng to attempt recovering the real access point password.

Uploaded by

alvertosk84
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
298 views

Evil AP

This document summarizes how to use the Wifi Honey tool in Kali Linux to impersonate wireless access points and capture authentication attempts in an effort to crack passwords. It provides an overview of Wifi Honey, outlines the requirements which include Kali Linux, a WiFi adapter, and explains how to run Wifi Honey by specifying the fake access point name, channel, and interface. It also shows screenshots of running Wifi Honey and capturing authentication attempts from an Android phone trying to connect to the fake access point. The document concludes by noting the captured files can then be analyzed with aircrack-ng to attempt recovering the real access point password.

Uploaded by

alvertosk84
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

O B S E R V A T I O N S

P R I V A C Y ,

O N

S E C U R I T Y ,

T E C H N O L O G Y ,

C U L T U R E

A N D

SLEUTH BLOG

Sleuth Blog

M O R E

P O P

Honey from a knife: Using Wifi Honey to


impersonate wireless AP's
JULY 31, 2016 IN HACKING

I had some time recently to experiment further with some tools in Kali Linux which I hadn't
previously used. In this instalment I run through using Wifi Honey to create a fake Wireless AP
which can have endless uses but ultimately it can be used to try crack the passcode of a Wireless
AP by getting a device to repeatedly try to authenticate against your fake AP.

Overview of Wifi Honey


Wifi Honey is a simple and easy to use script which when given an AP name it will create a fake
AP with multiple encryption types. The idea is that then the device which connects to an AP with
the same name will then connect to the relevant fake AP created by Wifi Honey while all of the
authentication attempts are monitored and recorded for cracking later on.

Wifi Honey start prompt.

What you will need


To get started with Wifi Honey you just need the following:

1. A bootable USB drive with Kali Linux installed


2. A PC capable of running Kali Linux
3. A wifi adapter (used for the monitoring interface mon0)

Running Wifi Honey


Running Wifi Honey is quite simple. Some tutorials advise in running wifite prior to starting
WifiHoney so that a monitor interface is created. In this tutorial I did the same but I believe that
this is not necessary for Wifi Honey however if you do run wifite beforehand do not close it
while running Wifi Honey as it will cause problems for your Wifi Honey session.

If you need to learn how to use wifite you can learn how to do it in in an earlier post
available here. So to get started run wifite and follow the prompts to create a monitor interface
(mon0):

$ wifite

Now to run Wifi Honey run the following command in a separate window to wifite:

Usage: /usr/bin/wifi-honey <essid> <channel> <interface>

Default channel is 1

Default interface is wlan0

Robin Wood <[email protected]>

See Security Tube Wifi Mega Primer episode 26 for more


information

root@kali:~# /usr/bin/wifi-honey SSID_NAME 1 wlan0

Now sit back and wait as Wifi Honey collects the inputs which will all be stored as .cap files.

Wifi Honey Kali terminal output.

I tried to connect to the fake AP with an Android Phone (Samsung Galaxy S3) Heres what it
looked like when connecting from the Android Phone:

Trying to connect.

Once you have collected all of the Raw files you can run through them with a program like
aircrack-ng to attempt to recover the real AP password.

Conclusion
As always please let me know if found this article useful or if you didn't, Dont forget to like this
post or leave a comment below to let me know another area you would be interested in reading
about. Thanks for your continued support!

Until Next Time!

The Security Sleuth

You might also like