Fluxion, A Tool to hack or test WPA/WPA2 Security Without Brute Force
Fluxion is the future—a blend of technical and social engineering automation that trick a user into handing over the Wi-Fi password in a matter of keystrokes. Specifically, it’s a social engineering framework using an evil twin access point (AP), integrated jamming, and handshake capture functions to ignore hardware and focus on the “wetware.” Tools such as Wifiphisher execute similar attacks, but lack the ability to verify the WPA passwords supplied.
How Fluxion works ?
- Scan the networks.
- Capture a handshake (can’t be used without a valid handshake, it’s necessary to verify the password)
- Use WEB Interface
- Launch a FakeAP instance to imitate the original access point
- Spawns a MDK3 process, which deauthenticates all users connected to the target network, so they can be lured to connect to the FakeAP and enter the WPA password.
- A fake DNS server is launched in order to capture all DNS requests and redirect them to the host running the script
- A captive portal is launched in order to serve a page, which prompts the user to enter their WPA password
- Each submitted password is verified by the handshake captured earlier
- The attack will automatically terminate, as soon as a correct password is submitted
- A linux operating system.
(recommend Kali Linux 2 or + versions which support the latest aircrack-ng versions.)
- A external wifi card is recommended. (if u use kali as Virtual os external wifi card in needed)
GETTING INTO WIRELESS ATTACK USING FLUXION
STEP-1 : Cloning into Fluxion
To get Fluxion running on our Kali Linux system, open terminal and change the directory to desktop and clone the git repository with:
STEP-2 : Moving into the downloaded folder
lets move into the downloaded folder by :
STEP-3 : Installation of dependencies
Install the dependencies for fluxion before that change the permission of the file by
chmod +x installer.sh
A window will open to handle installing the missing packages. Be patient and let it finish installing dependencies.
STEP-4 : Running the tool Fluxion
After all the dependencies are met, our board is green and we can proceed to the attack interface. Run the Fluxion command again with
STEP-5 : Scan Wifi networks
The first option is to select the language. Select your language by typing the number next to it and press enter to proceed to the target identification stage. Then, if the channel of the network you wish to attack is known, you may enter 2 (specific channels) to narrow the scan to the desired channel. Otherwise, select 1 (all channels) to scan all channels and allow the scan to collect wireless data
A window will open while this occurs. Press CTRL+C to stop the capture process whenever you spot the wireless network that you want. mandatory to run the scan for atleast 30 sec so that it can reasonably verify the connected clients to the network
STEP-6 : selectyour target wifi AP (Access Point)
Select a target with active clients for the attack to run on by entering the number next to it. Unless you intend to wait for a client to connect this attack will not work on a network without any clients. with no one connected to network there is no use of attacking that network and we will not be able to get the key of that wireless network
STEP-7 : Select your attack
Once you’ve typed the number of the targeted network, press enter to load the network profile into the attack selector. This will create a fake hotspot using the captured information to clone the target access point. select the type of attack .”fake ap – hostapd” is the recomended one hence type 1 and press enter.
STEP-8 : Get a Handshake
In order to verify that the password we receive is working, we will check it against a captured handshake. If we have a handshake, we can enter it at the next screen. If not, we can press enter to force the network to provide a handshake in the next step.
Using the Aircrack-ng method by selecting option 1 (“aircrack-ng”), Fluxion will send deauthentication packets (jamms the network) to the target AP as the client and listen in on the resulting WPA handshake. When you see the handshake appear, as it does in the top right of the screenshot below, you have captured the handshake. Type 1 to check the handshake and hit enter
STEP-9 : Create the phishing login Page (fake login page)
Select option 1 “Web Interface,” to use the social engineering
screen will be loaded with a list of different fake login pages (phishing pages) you can send to the client user. These can be customized with some edit works, but then it should match the device and language. The defaults should be tested before use
This is the final step to launch the attack At this point, you are ready to shoot, so press enter to fire the attack. The attack spawns multiple windows to create a cloned version of their wireless network while simultaneously jamming the normal AP, enticing the user to join the identically named AP , but an unencrypted, network.
STEP-10 : Capturing the passwords …
The user is directed to a fake login page, which is either convincing or not, depending on which you chose.
Entering the wrong password will not match the handshake verification, and the client will be prompted to type the password again correctly . Upon entering the correct password, Aircrack-ng verifies and saves the password to a text file while displaying it on the screen. The user is directed to a “thank you” screen as the jamming ceases and the fake access point shuts down.
Fluxion is intended to be used for legal security purposes only, and you should only use it to protect/ audit/ test networks/hosts you own or have permission to test. Any other use is not the responsibility of the developer(s). Be sure that you understand and are complying with the Fluxion licenses and laws in your area. In other words, don’t be stupid, and use this tool responsibly and legally. author and admin is legally not responsible for your acts