I recently had some time to experiment further with some tools in Kali Linux which I hadn't previously used. In this instalment I run through using Wifi Honey to create a fake wireless AP. This can have endless uses, but ultimately it can be used to try to crack the passcode of a wireless AP by getting a device to repeatedly try to authenticate against your fake AP.
Overview of Wifi Honey
Wifi Honey is a simple, easy-to-use script which, when given an AP name, creates a fake AP with multiple encryption types. The idea is that a device which normally connects to an AP with the same name will then connect to the relevant fake AP created by Wifi Honey, while all of the authentication attempts are monitored and recorded for cracking later on.
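Seen from the defending side, the behaviour described above (one AP name advertised with several encryption types at once) stands out in a wireless scan. The following is an added example, not part of the original post or of Wifi Honey: it flags that pattern in a scan saved in the airodump-ng CSV layout. The sample rows, BSSIDs and network names are constructed, and the function names are hypothetical.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows in the layout of an airodump-ng CSV access-point table.
SAMPLE_SCAN = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 6, 54, WPA2, CCMP, PSK, -48, 310, 0, 0.0.0.0, 9, OfficeNet,
02:00:00:00:00:01, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 1, 54, OPN, , , -30, 120, 0, 0.0.0.0, 9, OfficeNet,
02:00:00:00:00:02, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 1, 54, WEP, WEP, , -30, 118, 0, 0.0.0.0, 9, OfficeNet,
02:00:00:00:00:03, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 1, 54, WPA, TKIP, PSK, -30, 119, 0, 0.0.0.0, 9, OfficeNet,
02:00:00:00:00:04, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 1, 54, WPA2, CCMP, PSK, -30, 121, 0, 0.0.0.0, 9, OfficeNet,
00:11:22:33:44:66, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11, 54, WPA2, CCMP, PSK, -60, 290, 0, 0.0.0.0, 9, CafeGuest,
00:11:22:33:44:67, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11, 54, WPA2, CCMP, PSK, -71, 250, 0, 0.0.0.0, 9, CafeGuest,
"""

def parse_aps(text):
    """Return (essid, channel, privacy, bssid) for each named AP in the table."""
    header, aps = None, []
    for row in csv.reader(io.StringIO(text), skipinitialspace=True):
        row = [cell.strip() for cell in row]
        if not any(row):
            if header:
                break  # a blank line ends the AP table; the station table follows
            continue
        if header is None:
            header = row
            continue
        rec = dict(zip(header, row))
        if rec.get("ESSID"):  # hidden networks have no name to compare
            aps.append((rec["ESSID"], int(rec["channel"]), rec["Privacy"], rec["BSSID"]))
    return aps

def find_multi_encryption_essids(aps, min_types=2):
    """Flag ESSIDs that several BSSIDs advertise on one channel with differing encryption."""
    groups = defaultdict(dict)
    for essid, channel, privacy, bssid in aps:
        groups[(essid, channel)][bssid] = privacy
    findings = []
    for (essid, channel), by_bssid in sorted(groups.items()):
        kinds = sorted(set(by_bssid.values()))
        if len(kinds) >= min_types:  # same name and channel, mixed encryption
            findings.append({"essid": essid, "channel": channel,
                             "privacy": kinds, "bssids": sorted(by_bssid)})
    return findings

if __name__ == "__main__":
    for hit in find_multi_encryption_essids(parse_aps(SAMPLE_SCAN)):
        print(hit)
```

Two legitimate APs sharing a name and the same encryption (CafeGuest in the sample) are not flagged; only the mixed-encryption group is.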
What you will need
To get started with Wifi Honey you just need the following:
- A bootable USB drive with Kali Linux installed
- A PC capable of running Kali Linux
- A wifi adapter (used for the monitoring interface mon0)
Running Wifi Honey
Running Wifi Honey is quite simple. Some tutorials advise running wifite prior to starting Wifi Honey so that a monitor interface is created. In this tutorial I did the same, but I believe that this is not necessary for Wifi Honey. However, if you do run wifite beforehand, do not close it while running Wifi Honey, as it will cause problems for your Wifi Honey session.
If you need to learn how to use wifite, you can learn how to do it in an earlier post available here. To get started, run wifite and follow the prompts to create a monitor interface (mon0):
Now, to run Wifi Honey, run the following command in a separate window from wifite:
    Usage: /usr/bin/wifi-honey <essid> <channel> <interface>
    Default channel is 1
    Default interface is wlan0
    Robin Wood <email@example.com>
    See Security Tube Wifi Mega Primer episode 26 for more information
    root@kali:~# /usr/bin/wifi-honey SSID_NAME 1 wlan0
Now sit back and wait as Wifi Honey collects the inputs which will all be stored as .cap files.
I tried to connect to the fake AP with an Android phone (Samsung Galaxy S3). Here's what it looked like when connecting from the Android phone:
Once you have collected all of the raw files, you can run through them with a program like aircrack-ng to attempt to recover the real AP password.
As always, please let me know if you found this article useful or if you didn't. Don't forget to like this post or leave a comment below to let me know another area you would be interested in reading about. Thanks for your continued support!
Until Next Time!
The Security Sleuth