hack WPA/WPA2 protected wifi security using Fluxion on android/pc (Kali Linux)

Hacking Tutorials
Post Reply
Posts: 554
Joined: Fri Oct 21, 2022 5:49 am

NOTE: Use at your own risk

Yes you read that right! WPA/WPA2 protected wifi lock. It is directly hacking wifi using social engineering (phishing)

So how does Fluxion work?
-First scan the target wireless network.
-Then it will launch the handshake snooper to capture the handshake.
-Launch captive portal attack then create a fake rouge access point.
-Spawns jammer to de-authenticate all connected users to the original accesspoint and lure to the fake access point.
-Once the target logs into the captive portal and types the correct password, the attack will auto terminate.
-Tada! Key will be logged after, instant password less than 5 mins.

1. Pc or android device with kali linux. It's okay also to use kali nethunter.
2. External usb wifi adapter (for packet injection)

NOTE: First thing before we start we need to do monitor mode.
1. run command: $ ifconfig
2. Then the external wireless usb will appear there (example name: wlan1)
3. run command: $ ifconfig wlan1 down $ iwconfig wlan1 monitor mode 4. Done. Ready for fluxion installation. Don't imitate the "$" sign, just the word. STEPS: 1. Just run kali-linux/kali nethunter, 2. Install Fluxion immediately by running command: $ git clone

This Content Is Only To Registered Users

Please Register or Login To Unlock The Content!

(click link to copy the full link, the copy will not work here in my post) 3. run command again: $ cd fluxion $ ./fluxion.sh
4. After running that command. It will auto install missing dependencies/packages there. If not, do manual installation.
5. After installation, let's proceed to run fluxion using command: $ ./fluxion.sh
6. Fluxion will run there, if not, there is still a missing package or dependencies for sure.
7. Once it runs, we proceed to the configuration like language, etc. Then select what usb external wifi you are using. (Type the number)
8. Next is to select a channel. I prefer here is select "All channel" if you are not sure what your target channel is.
9. Then a new window will appear there, airodump-ng for scanning wireless network. Ctrl + c to exit the window.
10. Then fluxion will release our available targets. Then choose number that cocoresponds to the target
11. An atttack option will appear there. Let's choose "FakeAP Hostapd" from the selected option.
12. Then fluxion will ask there regarding the handshake file. Let's just skip this process. Just hit "enter"
13. Then the handshake check option will appear. Let's choose "pyrit" from the selected option
14. Then the capture handshake option will appear. Let's choose "Deauth all" from the selected option (here the user will be disconnected from his wifi hohoho)
15. A new window will appear again, just don't bother with the capture handshake, you will see the deauth attack.
16. When the handshake is captured, (usually it says WPA HANDSHAKE xx: yy: so on and so forth) we just run the window in the background. Then let's go back to the fluxion window.
17. When you return to the fluxion window, a status handshake option will appear. Let's choose "check handshake" from the selected option
18. Once the handshake is valid, we will proceed to the next process which is to create "SSL certificate for fake login". Let's choose "Create a SSL certificate" from the selected option.
19. Then let's choose "web interface" from the selected option
20. Then we now choose a login template. Of course we choose "English" in the selected option.
21. And hello! Our steup is done. So fluxion will create a fake access point which has the same wifi information of the target. Let's expect more xterm windows to pop up.
22. So in the POV of our target. He can disconnect from his wifi then there will be the same wifi network to which he is connected. (Example if the name of the wifi is connect here, there will be another wifi network also named as connect here but it is just open. Meaning no password needed. Dont worry, the target cannot connect to the original wifi network because of deauth. So he has no choice but connect to our fake accesspoint.
23. Once the target connects to our fake AP, he will be redirected to the fake login page for wifi. (Here on this page you will be asked for the wifi password)
24. Once the target has submitted the password, fluxion will verify the password then if correct, fluxion will terminate all attacks and directly display the wifi password.
25. On the target side, a notice will pop up. Something like "your connection will be restored in a few moments" 26. Congrats! Have fun because you already got the password. PS: It's a very long step, because the process is complicated. But worth it. Usually, the attack lasts 5-7 mins. Depending on how fast the target connects and logs in to the fake AP.
Post Reply