{"id":15374514,"url":"https://github.com/ivan-sincek/evil-twin","last_synced_at":"2025-04-15T11:32:01.156Z","repository":{"id":47731909,"uuid":"222789418","full_name":"ivan-sincek/evil-twin","owner":"ivan-sincek","description":"Learn how to set up a fake authentication web page on a fake WiFi network.","archived":false,"fork":false,"pushed_at":"2023-04-06T12:33:35.000Z","size":1884,"stargazers_count":108,"open_issues_count":0,"forks_count":13,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-28T20:51:20.405Z","etag":null,"topics":["aircrack-ng","bug-bounty","ethical-hacking","evil-twin","html","kismet","offensive-security","php","reaver","red-team-engagement","security","tcpdump","wash","wifi","wifi-penetration-testing","wifi-pineapple"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ivan-sincek.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-19T21:04:23.000Z","updated_at":"2025-03-26T12:38:01.000Z","dependencies_parsed_at":"2024-11-08T11:00:59.924Z","dependency_job_id":"d152d354-8820-4c28-ae2d-0160fe18389a","html_url":"https://github.com/ivan-sincek/evil-twin","commit_stats":{"total_commits":1,"total_committers":1,"mean_commits":1.0,"dds":0.0,"last_synced_commit":"415b5d3ac2733cbe86f1ad5400037644cbd3c0ba"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fevil-twin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fevil-twin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fevil-twin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fevil-twin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ivan-sincek","download_url":"https://codeload.github.com/ivan-sincek/evil-twin/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249061079,"owners_count":21206448,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aircrack-ng","bug-bounty","ethical-hacking","evil-twin","html","kismet","offensive-security","php","reaver","red-team-engagement","security","tcpdump","wash","wifi","wifi-penetration-testing","wifi-pineapple"],"created_at":"2024-10-01T13:58:57.154Z","updated_at":"2025-04-15T11:32:00.682Z","avatar_url":"https://github.com/ivan-sincek.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Evil Twin - Mark VII\n\nLearn how to set up a fake authentication web page on a fake WiFi network.\n\nRead the comments in these two files to get a better understanding on how all of it works:\n\n* [/src/evil-twin/index.php](https://github.com/ivan-sincek/evil-twin/blob/master/src/evil-twin/index.php)\n* [/src/evil-twin/MyPortal.php](https://github.com/ivan-sincek/evil-twin/blob/master/src/evil-twin/MyPortal.php)\n\nYou can modify and expand this project to your liking. You have everything you need to get started.\n\nYou can easily customize [CSS](https://github.com/ivan-sincek/evil-twin/blob/master/src/evil-twin/css/main.css) to make it look more like the company you are testing, e.g. change colors, logo, etc.\n\nYou can also use SingleFile ([Chrome](https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle))([FireFox](https://addons.mozilla.org/hr/firefox/addon/single-file)) browser extension to download a web page as a single HTML file, rename the file to `index.php`, and use it in the same template.\n\nTested on WiFi Pineapple Mark VII Basic with the firmware v2.0.0 and modules Evil Portal v1.5.1 and Cabinet v1.2.1.\n\nAdditional set up and testing was done on Windows 10 Enterprise OS (64-bit) and Kali Linux v2022.2 (64-bit).\n\nMade for educational purposes. I hope it will help!\n\nIn this project I also want to show you how to install and use WiFi Pineapple's modules through GUI, for more console attacks check my [WiFi penetration testing cheat sheet](https://github.com/ivan-sincek/wifi-penetration-testing-cheat-sheet).\n\nIf you have an older device, go to [WiFi Pineapple Nano \\(Mark VI\\)](https://github.com/ivan-sincek/evil-twin/blob/master/mark_vi).\n\n## Table of Contents\n\n* [How to Set up a WiFi Pineapple](#how-to-set-up-a-wifi-pineapple)\n\t* [Windows OS](#windows-os)\n\t* [Kali Linux](#kali-linux)\n* [How to Run](#how-to-run)\n\t* [Spoof All SSIDs](#spoof-all-ssids)\n* [Kismet](#kismet)\n\t* [Remote Packet Capture](#remote-packet-capture)\n\t* [Local Packet Capture](#local-packet-capture)\n* [Sniff WiFi Network Traffic](#sniff-wifi-network-traffic)\n* [Images](#images)\n\n## How to Set Up the WiFi Pineapple\n\nIn case you might need it, check [frimware recovery/upgrade](https://downloads.hak5.org/pineapple).\n\n### Windows OS\n\nFollow the instructions below:\n\n1. [Setup Basics](https://docs.hak5.org/wifi-pineapple/setup/setting-up-your-wifi-pineapple)\n\n2. [Windows Setup](https://docs.hak5.org/wifi-pineapple/setup/connecting-to-the-wifi-pineapple-on-windows)\n\n### Kali Linux\n\nDownload and run the following script:\n\n```bash\nwget https://downloads.hak5.org/api/devices/wifipineapplemk7/tools/wp7.sh/1.0/linux -O wp7.sh \u0026\u0026 mv wp7.sh /usr/bin/wp7 \u0026\u0026 chmod +x /usr/bin/wp7 \u0026\u0026 wp7\n```\n\n## How to Run\n\nIn WiFi Pineapple's dashboard go to `Modules \u0026 Packages -\u003e Modules -\u003e Get Available Modules`, install `Evil Portal` and `Cabinet` modules, and pin them to the sidebar.\n\nCopy all the content from [\\\\src\\\\](https://github.com/ivan-sincek/evil-twin/tree/master/src) to WiFi Pineapple's `/root/portals/` directory:\n\n```fundamental\nscp -r evil-twin root@172.16.42.1:/root/portals/evil-twin\n```\n\nGo to `PineAP Suite -\u003e Open AP`, and set the `Open SSID` to your desired (portal) name.\n\nGo to `PineAP Suite -\u003e Filtering`, and make sure both client and SSID filter lists are set to deny mode.\n\nConnect your WiFi Pineapple to a real working WiFi network in `Settings -\u003e Networking -\u003e Wireless Client Mode` section to tunnel network traffic back and forth from the Internet.\n\nIn WiFi Pineapple's dashboard go to `Evil Portal` and activate the portal, then, click on both `Start Web Server` and `Start`.\n\nIn WiFi Pineapple's dashboard go to `Cabinet`, navigate to `/root/logs/` directory and click \"Edit\" on `evil_twin.log` to view the captured credentials.\n\nDownload the log file through SSH:\n\n```fundamental\nscp root@172.16.42.1:/root/logs/evil_twin.log ./\n```\n\n### Spoof All SSIDs\n\nHide the open access point.\n\nIn WiFi Pineapple's dashboard go to `PineAP Suite -\u003e Impersonation` and add desired (portal) names to `Spoofed AP Pool`, then, set your settings as in picture below to spoof all the access points in your range.\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/evil-twin/blob/master/img/settings.jpg\" alt=\"PineAP Settings\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 1 - PineAP Settings\u003c/p\u003e\n\n---\n\nFind out more about PineAP Suite [here](https://docs.hak5.org/wifi-pineapple/ui-overview/pineap).\n\nFind out how to turn up your WiFi Pineapple's signal strength to missassociate clients to the fake WiFi network from my other [project](https://github.com/ivan-sincek/wifi-penetration-testing-cheat-sheet#1-configuration).\n\nUse filtering so you won't go out of your testing scope.\n\n## Kismet\n\nSearch for WiFi networks within your range and fetch their MAC address, vendor name, etc.\n\n### Remote Packet Capture\n\nOn your Kali Linux, download some missing files, then, run Kismet's server:\n\n```fundamental\nwget https://raw.githubusercontent.com/kismetwireless/kismet/master/conf/kismet_httpd.conf -O /etc/kismet/kismet_httpd.conf\n\nwget https://raw.githubusercontent.com/kismetwireless/kismet/master/conf/kismet_manuf.txt.gz -O /etc/kismet/kismet_manuf.txt.gz\n\nkismet\n```\n\nConnect to your WiFi Pineapple (remote port forwarding) and install Kismet's remote capturing tool:\n\n```bash\nssh root@172.16.42.1 -R 3501:localhost:3501\n\nopkg update \u0026\u0026 opkg install kismet-capture-linux-wifi\n```\n\nConnect Kismet's remote capturing tool to Kismet's server:\n\n```fundamental\nairmon-ng start wlan0\n\nkismet_cap_linux_wifi --tcp --connect localhost:3501 --source wlan0mon\n```\n\nOn your Kali Linux, navigate to Kismet's dashboard (`http://localhost:2501`) with your preferred web browser.\n\n### Local Packet Capture\n\nConnect to your WiFi Pineapple, then, install, download missing files, and run Kismet's server:\n\n```bash\nssh root@172.16.42.1\n\nopkg update \u0026\u0026 opkg install kismet\n\nwget https://raw.githubusercontent.com/kismetwireless/kismet/master/conf/kismet_httpd.conf -O /etc/kismet/kismet_httpd.conf\n\nwget https://raw.githubusercontent.com/kismetwireless/kismet/master/conf/kismet_manuf.txt.gz -O /etc/kismet/kismet_manuf.txt.gz\n\nairmon-ng start wlan0\n\nkismet -c wlan0mon\n```\n\nOn your Kali Linux, navigate to Kismet's dashboard (`http://172.16.42.1:2501`) with your preferred web browser.\n\n## Sniff WiFi Network Traffic\n\nOnce you get an access to a WiFi network, start capturing network packets.\n\nIn WiFi Pineapple's dashboard go to `Modules -\u003e Manage -\u003e Get Available Modules`, install `TCPDump` module, and pin it to the sidebar.\n\nIn WiFi Pineapple's dashboard go to `TCPDump` and start capturing packets.\n\nYou can download the PCAP file by clicking on the cloud icon.\n\nYou can also pipe `tcpdump` from WiFi Pineapple directly to Wireshark\n\n```bash\nssh root@172.16.42.1 tcpdump -U -i wlan0mon -w - | wireshark -k -i -\n```\n\nOn Windows OS you might need to specify a full path to the executable.\n\n## Images\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/evil-twin/blob/master/img/landing_page_pc.jpg\" alt=\"Landing Page (PC)\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 2 - Landing Page (PC)\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/evil-twin/blob/master/img/landing_page_mobile.jpg\" alt=\"Landing Page (Mobile)\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 3 - Landing Page (Mobile)\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/evil-twin/blob/master/img/log.jpg\" alt=\"Log\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 4 - Log\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivan-sincek%2Fevil-twin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fivan-sincek%2Fevil-twin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivan-sincek%2Fevil-twin/lists"}