InfoSec Write-ups – Medium
Creating A fake wireless Access Point in 2 minutes
Part 1
Microcontrollers are great. One of the most popular and cheapest is the ESP8266, an Arduino-compatible chip on which the Wi-Fi Deauther project is based.
I have used this one, https://amzn.to/36kKSWa, with an OLED display to play around with creating fake wireless access points and deauthenticating (another word for disabling) nearby Wi-Fi networks.
The main purpose of sending deauthentication frames (as used by wireless hackers) is to force nearby clients to connect to an evil access point, which can then be used to capture user packets.
Crafting Packets
Deauther can do all of that by creating packets and sending them over the air. Those packets are Wi-Fi management frames, which on most access points and wireless routers sold are neither protected nor encrypted.
We will look at how Deauther scans and sends deauthentication and disassociation packets in the next article, but for now let’s look at the microcontroller itself and how we can easily create a virtual wireless access point.
The Module itself
Deauther comes in different flavors: some include an OLED display, some don’t. It is usually bundled with a dipole antenna, which will increase your chances of capturing more nearby access points and stations (clients).
A micro USB port on one side allows you to power the device from a power bank (which makes it handy to travel with). There is even a watch version of it if you are really into it: https://amzn.to/32u4GFx
Basic Operation
Once you power up your Deauther, it will broadcast its SSID, which is pwned. Just connect to it; the password is (you’ve guessed it) “deauther”.
Now head over to 192.168.4.1 (you can also do it on your smartphone, but for convenience I will use my Chrome browser).
The page is divided into 4 main sections
Scan: where you can scan the access points and the stations (clients) around you.
You can select different APs or stations for later attacks (which we will look at in the next article) or move to the other section, SSIDs, where you can create fake access points and use them for your beacon and probe attacks.
Here on the SSIDs page, just enter your fake Wi-Fi network name (SSID), the security level (you can leave that open) and the number of fake networks.
Once you do so, your Deauther will actually publish a beacon frame. Every SSID on each frequency band broadcasts its own unique beacon frame. This is nothing more than an advertisement broadcast to tell any listening devices that this SSID is available and has particular features (security level, data rate …).
Our home Wi-Fi network does that. Every Wi-Fi network uses beacon frames, usually at an interval of one every 100 ms.
Another term that you need to be familiar with is Probe Request, which is similar to the beacon frame, but this time it comes from the client side, looking for an available Wi-Fi network to connect to.
Press Reload to save the SSID and move to the next section, Attacks
Here you can trigger the different attacks. We will use the beacon attack, where we continuously send out fake beacon frames announcing wireless networks. Remember, we have chosen to publish no less than 5 Wi-Fi networks.
And there we have it
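Seen from the defender's side, the beacon frames described above can be parsed and watched for exactly this pattern: several unknown networks showing up at once. The Python sketch below is an added example, not code from the original article or from the Deauther project. The function names, the constructed sample frames and the threshold of 5 new BSSIDs within 10 seconds are assumptions; the frames are built in code rather than captured from the air.

```python
import struct

def build_beacon(bssid: bytes, ssid: str, privacy: bool = False) -> bytes:
    """Build a minimal 802.11 beacon as constructed sample input (nothing is transmitted)."""
    header = struct.pack("<HH6s6s6sH", 0x0080, 0, b"\xff" * 6, bssid, bssid, 0)
    # timestamp, beacon interval (100 TU of 1024 us each), capabilities (ESS + optional Privacy)
    fixed = struct.pack("<QHH", 0, 100, 0x0001 | (0x0010 if privacy else 0))
    return header + fixed + bytes([0, len(ssid.encode())]) + ssid.encode()

def parse_beacon(frame: bytes):
    """Return bssid/ssid/interval/open for a beacon, or None for anything else."""
    if len(frame) < 36 or frame[0] & 0xFC != 0x80:  # type 0 (management), subtype 8 (beacon)
        return None
    interval_tu, capab = struct.unpack_from("<HH", frame, 32)
    ssid, pos = None, 36
    while pos + 2 <= len(frame):  # walk the tagged parameters after the fixed fields
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None  # truncated element: reject the frame
        if tag == 0:  # SSID element
            ssid = value.decode("utf-8", "replace")
            break
        pos += 2 + length
    return {"bssid": frame[16:22].hex(":"), "ssid": ssid,
            "interval_tu": interval_tu, "open": not capab & 0x0010}

def new_ap_burst(captures, known_bssids, window_s=10.0, threshold=5):
    """Heuristic (assumed values): unknown BSSIDs that first appear together within window_s."""
    first_seen = {}
    for ts, frame in captures:
        info = parse_beacon(frame)
        if info and info["bssid"] not in known_bssids:
            first_seen.setdefault(info["bssid"], (ts, info["ssid"]))
    events = sorted(first_seen.items(), key=lambda kv: kv[1][0])
    for i, (_, (start, _)) in enumerate(events):
        burst = [e for e in events[i:] if e[1][0] - start <= window_s]
        if len(burst) >= threshold:
            return {bssid: ssid for bssid, (_, ssid) in burst}
    return {}

# Constructed capture: one known home AP, five open SSIDs appearing at once, one late neighbour.
HOME = bytes.fromhex("02aabbccdd01")
SAMPLE = [(0.0, build_beacon(HOME, "HomeNet", privacy=True))]
SAMPLE += [(60.0 + i / 10, build_beacon(bytes.fromhex("02000000000%d" % i), "FreeWifi %d" % i))
           for i in range(1, 6)]
SAMPLE.append((300.0, build_beacon(bytes.fromhex("02aabbccdd99"), "Neighbour", privacy=True)))

if __name__ == "__main__":
    print(new_ap_burst(SAMPLE, known_bssids={HOME.hex(":")}))
```

A single new neighbour network does not trip the check; only the five SSIDs that first appear within the same window are reported.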
Disclaimer: this demo is for educational purposes only, please use it carefully.
Creating A fake wireless Access Point in 2 minutes was originally published in InfoSec Write-ups on Medium.