EVIL-AP

Using EVIL-AP

EVIL-AP was created to perform pen tests and assist network administrators in auditing network security. AP allows network engineers to hack their own network to identify vulnerabilities and implement mechanisms to strengthen the network against potential attackers.

The author of this device is not responsible for any damages caused.

A little bit of theory

1. Phishing via Fake Login Pages

The first method by which a hacker router can exploit users is by intercepting login credentials to major platforms like Google, Facebook, and Microsoft. When an unsuspecting user connects to a Wi-Fi network that lacks proper password protection, the hacker router can redirect them to a fake login page. This page appears identical to the legitimate Google login page (or any other targeted platform), prompting the user to enter their username and password.

How it works:

• The victim connects to an unprotected Wi-Fi network.
• The hacker router detects this connection and injects a fake login page into the user’s browser.
• The user is tricked into entering their login credentials.
• The router collects this information and sends it to the hacker.

2. Evil Twin Attacks

The second method involves the hacker router scanning surrounding networks and creating a clone of a legitimate Wi-Fi network. This cloned network is configured with the same SSID (network name) but without a password, making it easier for users to unknowingly connect to it. When users enter their usual network password, thinking they are logging into their own network, the hacker router captures the credentials.

How it works:

• The hacker router scans nearby Wi-Fi networks and creates a copy of a legitimate network (using the same SSID).
• The fake network is left open, without a password, so users may think it is their own network and connect to it.
• Once a user enters their usual password, thinking they are logging into their real network, the hacker router captures the credentials.