The success rate was in the order of 80%-90%: 80-90% of the people who connected to the malicious access point got their credentials siphoned! This post is an excerpt from my course Black Hat Rustīut as you guessed, it was a phishing form, absolutely identical to the legitimate portal, and all the credentials were logged in a database on the Raspberry Pi of the attacker. When victims connected to his Raspberry Pi (thinking they were connecting to the wifi network of the campus), they were served a portal where they needed to enter their credentials, as usual. The attacker was walking in a targeted location with a Raspberry Pi in his backpack, spoofing the wifi access points of the location. The most effective phishing attack I ever witnessed was not an email campaign. Now it's time to see how to perform it in practice. In Hacking Stories #1 - The Evil Twin I teased the simplicity and effectiveness of an evil twin attack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |