Linset is an Evil Twin Attack Bash script with everything built in (multi-lingual web page, DHCP, DNS server with redirect fake AP etc) so it has a bunch of dependencies, and it’s in Spanish. But other than that, it’s pretty cool.
It’s also a recursive acronym – Linset Is Not a Social Enginering Tool. There are some other cool Evil Twin tools like Infernal Twin – Automatic Wifi Hacking Tool and the protection tool EvilAP Defender – Detect Evil Twin Attacks.
- Scan the networks.
- Select network.
- Capture handshake (can be used without handshake)
- We choose one of several web interfaces tailored for me (thanks to the collaboration of the users)
- Mounts one FakeAP imitating the original
- A DHCP server is created on FakeAP
- It creates a DNS server to redirect all requests to the Host
- The web server with the selected interface is launched
- The mechanism is launched to check the validity of the passwords that will be introduced
- It deauthentificate all users of the network, hoping to connect to FakeAP and enter the password.
- The attack will stop after the correct password checking
As it’s a BASH script, there’s quite a list of external apps required to run Linset successfully:
Any standard Linux install will have quite a number, something like Kali will have even more but most likely you’ll need to install DHCPd, HostAPd, LigHTTPd and PHP5-cgi.
You can get Linset here:
Or read more here.