How Hackers Can Grab Your Passwords Over Wi-Fi with Evil Twin Attacks

December 13, 2019 by 46 Comments

Airgeddon Used for an Evil Twin AP with Captive Portal
Full Video:
Subscribe to Null Byte:
Kody’s Twitter:

Cyber Weapons Lab, Episode 010 (Recut – Partial Episode)

Wi-Fi networks can be set up by smart IT people, but that doesn’t mean the users of the network are similarly tech-savvy. We’ll demonstrate how bad actors can use am evil twin attack to steal Wi-Fi passwords. Essentially, they kick a user off their trusted network while creating a nearly identical fake one they connect to. This forces the victim to connect to the fake network and supply the Wi-Fi password to regain internet access.

While a more technical user might spot this attack, it’s surprisingly effective against those not trained to look for suspicious network activity. The reason it’s so successful is that most users don’t know what a real firmware update looks like, leading to confusion in recognizing that an attack is in progress. By knowing all this, it’s easier to spot and avoid your Wi-Fi password from being taken right from under you.

To learn more, check out the article and more in-depth video on our website:

Follow Null Byte on:
Weekly newsletter:


46 Replies to “How Hackers Can Grab Your Passwords Over Wi-Fi with Evil Twin Attacks”

  1. Tutorial: baskal y vetores bro ♥️

  2. hac ker says:

    Which is the best wifi adapter for network or wireless network hacking? For Kali Linux

  3. Digital penetration – more than one way to understand that phrase

  4. Aswin cv says:

    Hi, when I try do this, 2 issues are blocking me.
    1. deauth is not working
    2. even if I am able to see the twin in my wifi list. not able to connect to it.

    if I try deauth manually by using aireplay its working fine.

    am using kali latest version in virtual box and network card is alfa AWUS036NEH. can you please help.

  5. So what if someone puts a link to the disclaimer (or even the "accept terms" checkbox) on the fishing page which really describes everything what is going on. Noone ever reads it, but would it enable then to perform such attack perfectly legally? I.e. user grants permission to perform an attack by checking the "accept terms" checkbox(just like we grant permission to use all our private data to google, ms, apple, etc by accepting their terms..

  6. aussie bob says:

    Awesome video mate , i've been offered to do pen testing for a oz government agency and a couple of private conglomerates after new years… abit of a career change esentially brushing up on a few things i'm unsure about i only work with Kali linux Nmap metasploit, masscan etc etc coming from being a diesel mechanic the last 5 years there's alot of these new 'exploits' i'm unaware of , i like the way you mention about youtube esentially 'pushing you into a corner' because realistically it's the public with no network security knowledge that needs educating, There are so many (mainly media) videos coming out now, running people like yourself into the ground when realistically we/you are pointing out the flaws in general network vulnerabilities and every frigging servers here are old and outdated business/ big conglomerates don't care until you actually say 'hey your running and old apache server that's outdated and i can telnet or ssh straight into it' basically holding them to ransom…it's crap because once you physically show them how then they want to talk $( and by then it's to late i could of pulled all there data 100 times over if i wanted to ) , especially with shodon now showing us every connected vulnerable system, just made it so much easier instead of port scanning and hunting around ( in saying that i find shodon good to just 'muck around' and knock on peoples doors) , i've subscribed to your channel really like your work , but unfortunatley the whole 'cyber attacks' media hype are pushing us ethical hackers protecting the public into a corner, i'm over bighting my tongue…there are to many uneducated people out there and it's the 'mass' of the population if you ask me ..there are what 8.4 million + servers running outdated crappy Os's with SEVERAL security flaws ? and i'm no expert i see the potential now after mucking about with some servers and simply going 'bugger it lets email them and say i've cracked your network and i'm a amateur but fix it or someone better than me will compromise all your data..and it's finally paid off' merry christmas from Australia and i love your content it's great cheers

  7. Random Dude says:

    Is there a tool that can run a MITM like this, but without the fake portal, instead, when the victim attempts to connect to the evil AP, it will capture the connection packet with the password, and try it against the real AP?

  8. kali linux says:

    i love your content but jhheeeez is it awkward lol

  9. Hi bro, I tried this on my own wifi. Everything works fine except that the Evil twin of my wifi network doesn't appear. there is only one network (the original one) and it requires password and then disconnects. I can't go further then that.
    I need your help!

  10. Vijecni says:

    can you doo a tutoria; for windows10

  11. 7:59 YouTube would rather its users be hacked and subjected to ransomware than permit controversial education.

  12. Trax . says:

    Are you blackhat or white or grey

  13. GopAl Chand says:

    Sir in useland mitm in websploit doesn't work sir please make a video on it plzzzzzzzzz sir

  14. plz I have some truble with hostapd.conf nl80211 couldn't find driver …
    i have Kali Linux on VM v 5
    and alfa adapter rtl8187

  15. LY KIM LENG says:

    Can it work with TP link 300mbps USB Wi-Fi adapter ?

  16. TheLoneSalt says:

    I am relatively new to all of this so bare with me. Is it not possible to create a locked network exactly like the target network and when they try to connect and input the actual password in their settings not a web to make everything more believable (this obviously wont work since our new locked network has a random ass password ) cant we just capture the error key they sent to our network and test it on our machine against the targets previously saved wpa2 handshake.

  17. I’m using kali Linux and ran sudo etc but it telling me to use python 🐍 3 so now I’m lost

  18. Do you have an e mail or something an get this information somewhere else and I tired your sit it did not help

  19. I tried using this attack using argeddon but the fake access point is not generating and i suppose there ia a problem in AP window or DHCP window, rest all the functions are performing properly i had installed all the required tools and i am also able to capture the handshake. Please i am stuck and i know i am step away from achieving it…..

  20. Anas kureshi says:

    you are mind blowinggg bosss❤❤❤

  21. i want test this evil twin ap attack on my wifi and i purchased a wifi adapter and i installed airgeddon in kali linux and when i start the attack everything goes well except the one saying that nl80211:could not configure driver mode
    hostap initialzation failed
    wlan0 wasn't started .
    please help me.
    thanks in advance

  22. #vera level says:

    Hey kody u are my hero man. i like u more..

  23. Cold Spirit says:

    NullByte if one day I manage to get most of your hacking tutorials,would you say that I have a somewhat solid foundation of hacking for advancing in the field for a career with more expensive courses?
    Thank you!

  24. Sir,
    Got Error ( on this screen, its supposed an additional wifi interface is chosen, but you don't have anyone at this moment) help..

  25. GabeN CS says:

    Isn't it possible to figure out the wrong password attempt (target would've entered the password to his network) ? Rather than pursuing the target to enter the password into a phishing page.

  26. This is for advanced not for beginners… at least you should have shown how to install the Evil Twin!

  27. please another time give us the link
    thank u

  28. Why would the victim go for open network when he know that his network is secured?

  29. Arun KP says:

    Need Help – Evil Twin Attack

    Issue : Evil twin attack failed to create fake acces point

    When doing hands-on on wifi hack using evil twin method, im not able to see any fake acces point has been created.Looks have some issue in AP window like below.

    hostapd_free_hapd_data : Interface Wlan 0 wasn't started

    How to solve this? Please help…

  30. clay 81 says:

    thankyou for education

  31. eight 6 says:

    you can make the victims machine connect by boosting the apparent signal to 99%

  32. Aku T_006 says:

    How to configure the phishing page on this airgeddon?

  33. Sir I have tried so many ways but the router didn't provide me handshake files and also in the monitor mode station and all other columns didn't show any data after sending deauth packets through aireplay-ng.
    Router name – Airtel zerotouch 5g broadband
    Sir help plzzz
    Please help 🙏🙏🙏🙏🙏😭😭😭

  34. OP. BLACKAT says:

    How to install an app with a link….?

  35. I am from Brazil I am looking for a connection from someone to make money by exchanging ideas plans I have some good ideas to make money if anyone wants to answer me in Portuguese ok remembering ideas to exchange only people capable of PCC 1533 faction!

  36. lol omg people are more worried about your blinking than youtubes ban, thanks for the video

  37. NayGa says:

    legend says that null byte still replies to comments

  38. Law4Hacking says:

    you cant get password https

  39. Deepak Kumar says:

    Please someone give me a wifi adaptor please i don't have money to buy a new one 😭😭

  40. Dronefied says:

    I have a question??? Once they put their password into the fake router page. Does it reconnect them back on the internet. So they are relieved and don’t call say “their provider”. You know what I’m saying???

  41. this videos really help me I'm starting to get into cyber security and videos have helped a lot

  42. Nitendo Cube says:

    I'm surprised that the website was in HTTP and not in HTTPS

  43. Do you need a 2 wifi adapter or onky 1?

Leave a Comment

Your email address will not be published. Required fields are marked *