How Hackers Create Free Wi-Fi Captive Portal To Steal Social Media Accounts !

In Schools, colleges,  Railway Stations, etc. wherever you go, you'll probably find a free Wi-Fi captive portal to access the internet free of cost for a limited time or usage. Hackers can also take advantage of this and trap hundreds of victims at once and steal their credentials of social accounts.

In this article, I'll explain and show you how actually hackers do it so you can protect yourself from being hacked by this type of cyber attack. Before diving into this article, If you want to be a hacker but don't know where to start join our "Hacking Like Watchdogs Course & Training" program to learn everything directly from me within the next 3 weeks. It is 100% practical-based real-world hacking and you'll get lifetime updates for free.

So let me give you a short overview of what actually a hacker does to create a fake Wi-Fi captive to steal social media accounts. A hacker/attacker hosts a temporary free Wi-Fi captive portal and nearby people can access it on their devices after logging in with their social accounts like Email, Instagram, Facebook, etc. Once a victim enters their details, the hacker/attacker can see their login credentials and the victim may or may not get any access to free Wi-Fi.

Here is a bash script available on GitHub that can give you a practical demonstration of this attack.

Foll the commands given below on your Linux operating system to clone and use this tool:

git clone https://github.com/s0meguy1/RougeWifi.git
cd Rouge-Wifi

Now you need to copy all the files from this directory to the Apache web server location (/var/www/html) using the following command.

cp –r * /var/www/html

Let’s change the directory to /var/www/html and use the ‘ls’ command to see all the files.

cd /var/www/html && ls

Here you can see the files 

Now everything is ready, run the following command to execute this script

sudo ./wifi.sh wlan0 eth0 Free-Wifi

This command will use wlan0 which is the wireless interface for creating the access point, and the second interface eth0 will be used to give internet access to the users when they have submitted the login credentials. Free Wi-Fi is the network name.

In my case, I have an internet connection through eth0. If you are using two wifi cards, just switch out eth0 (in my above example) for the internet interface (wlan1,wlan2…).

The internet interface can be wired or wireless, but obviously, the AP interface needs to be wireless. You can use ifconfig command to find the interfaces on your system.

Now you can use another device to scan for this fake Wi-Fi captive and when you click on that network a fake login page appears in your browser which is actually a phishing page. The victim will be redirected to Google after logging in and being able to access the internet.

You can open the password.txt file on your Linux machine to see the login credentials.

I hope this information is helpful for you and make sure to save bookmarks and enable notifications for future posts like this.