1
00:00:00,330 --> 00:00:01,000
OK.

2
00:00:01,050 --> 00:00:06,390
So welcome back in this video, I'm going to teach you how to create a fake captive portal and steal

3
00:00:06,390 --> 00:00:09,450
the login information using social engineering.

4
00:00:10,560 --> 00:00:11,880
So let's get started.

5
00:00:12,360 --> 00:00:19,050
And first off, I'm going to click on the wireless icon from the taskbar and you can see I'm connected

6
00:00:19,050 --> 00:00:20,970
to airport free Wi-Fi.

7
00:00:21,840 --> 00:00:22,500
Now, let's see.

8
00:00:22,510 --> 00:00:28,710
For example, when you connect to this wireless network, you are being redirected to this login page.

9
00:00:29,790 --> 00:00:36,120
So let's pretend this is the original captive portal page, which is displayed to the users when they

10
00:00:36,120 --> 00:00:44,940
try to connect to the airport free Wi-Fi or key known locally machine and see how to create an access

11
00:00:44,940 --> 00:00:48,210
point with the same login page and similar name.

12
00:00:49,680 --> 00:00:57,330
And first, I'm going to open host APD config file using nano and the file name, and change the name

13
00:00:57,330 --> 00:01:07,800
to airport free Wi-Fi version to save the file and then start the access point using host APD and put

14
00:01:07,800 --> 00:01:10,200
the location for the configuration file.

15
00:01:10,740 --> 00:01:13,560
And I'm also going to add Dash B option.

16
00:01:14,280 --> 00:01:19,530
OK, so the next thing is to create the exact same login page as the original one.

17
00:01:20,910 --> 00:01:31,380
So first, I will change directory to slash four slash W slash HMO, and here I will type HD track.

18
00:01:31,920 --> 00:01:35,610
And now I need to put the link for the website, which I want to clone.

19
00:01:36,570 --> 00:01:45,480
So I'll go back to the Windows machine and copy the login page link and pasted here and press enter.

20
00:01:46,050 --> 00:01:52,600
This process may take some time, depending on how big is the website or key.

21
00:01:52,710 --> 00:01:57,090
So the next step is to capture the network traffic from the access point.

22
00:01:58,200 --> 00:02:06,870
And to do that, I will Type D Shark and said the interface to double Newlines Zero and Dash W the fire

23
00:02:06,870 --> 00:02:15,870
name and in my case, I will use to capture a P and press enter or key note.

24
00:02:15,890 --> 00:02:21,960
At this point, you can use the authentication back to kick all the users from the original access point

25
00:02:21,960 --> 00:02:25,080
and force them to connect to your fake access point.

26
00:02:26,100 --> 00:02:32,390
So to do that, I will open a new tab and type URL dump and G W learn one more.

27
00:02:33,180 --> 00:02:40,740
This W Len one is another wireless adapter in monitor mode, which I have attached to the virtual machine

28
00:02:41,970 --> 00:02:43,350
and press enter.

29
00:02:44,580 --> 00:02:52,740
And now you need to type airplay and G does zero zero Dash eight and copy the Mac address from the original

30
00:02:52,740 --> 00:03:00,270
Access Point and then paste it here and put the wireless interface and press enter.

31
00:03:01,440 --> 00:03:03,060
And no, the task is running.

32
00:03:04,140 --> 00:03:12,390
So let's go to the victim machine and click on the wireless icon and you can see I'm no longer connected

33
00:03:12,390 --> 00:03:18,690
to the network because Delta indication attack is disconnecting all the users from the network.

34
00:03:19,680 --> 00:03:22,770
So the victim will think there is something wrong with the network.

35
00:03:22,770 --> 00:03:25,350
And he may try to connect to the version too.

36
00:03:26,160 --> 00:03:32,130
And he will be redirected to the fake login page, which looks exactly as the original one.

37
00:03:33,510 --> 00:03:40,770
So let's say he will use Jack for the username and let me in for the password and tries to sign in.

38
00:03:42,210 --> 00:03:50,340
OK, now let's go to the Cali machine and stop the capturing process using control plus c and to find

39
00:03:50,340 --> 00:03:58,440
the login information, I'm going to type Disney for Dash B and the capture file name and press enter

40
00:03:59,100 --> 00:04:02,700
and you can see the username jack and the password.

41
00:04:02,730 --> 00:04:03,630
Let me in.

42
00:04:04,440 --> 00:04:08,040
So thanks for watching and I will show you next time.