Evil Twin Attack Method + Captive Portal

[M4rulli]

you could try to introduce an Evil AP attack, and also the possibility to create a captive portal which is a feature that almost no one implemented yet on a sort of “framework” like this, would be awesome

[risinek]

Evil Twin AP is already partially implemented as Rogue AP. Maybe the naming is a bit ambigous. Current imlementation of Rogue AP uses WPA2 and hence it sends deauthentication packets automatically by design. But if you configure it to be open (no password), you basically get Evil Twin AP.
Setting up the captive portal would require more work with custom DNS resolver or rerouting :80 traffic to local HTTP server. That's something new in this project, hence it would have to be done from scratch.

[M4rulli]

thanks for the reply! Then i think it’s possible to make the ESP32 build its “own” AP that steals login details with a captive portal, otherwise a more complex feautre to make, is to do the same thing but also redirect the victim to the actual real connection. Why this attack is good? Imagine if we are in a public institution, there are plenty of free wifi networks, with the Evil Twin, we can create a fake “extender” (a.e. library 2, gym EXT and so on) under a psychological point of view everyone will connect to the “stronger” signal, and then the attack goes on. basically this method, if set up well, could be very dangerous.