Scribd Logo
Upload

Welcome to Scribd!

  • Cibersecurity Lab3

    Uploaded by

    100383762
    8 views5 pages
    This 3-page document describes implementing a fake WiFi hotspot to capture login credentials from users. It includes: 1) Creating an access point using hostapd to establish a fake "PRACIT-100383762" network. 2) Observing login emails and passwords in clear text after devices connect to the network. 3) Browsing the internet through the fake hotspot and noticing login pages appear from connectivity checks. 4) Capturing all network traffic using Wireshark, including requests to authentication servers.

    Original Description:

    Original Title

    Cibersecurity_lab3

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This 3-page document describes implementing a fake WiFi hotspot to capture login credentials from users. It includes: 1) Creating an access point using hostapd to establish a fake "PRACIT-100383762" network. 2) Observing login emails and passwords in clear text after devices connect to the network. 3) Browsing the internet through the fake hotspot and noticing login pages appear from connectivity checks. 4) Capturing all network traffic using Wireshark, including requests to authentication servers.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    8 views5 pages

    Cibersecurity Lab3

    Uploaded by

    100383762
    This 3-page document describes implementing a fake WiFi hotspot to capture login credentials from users. It includes: 1) Creating an access point using hostapd to establish a fake "PRACIT-100383762" network. 2) Observing login emails and passwords in clear text after devices connect to the network. 3) Browsing the internet through the fake hotspot and noticing login pages appear from connectivity checks. 4) Capturing all network traffic using Wireshark, including requests to authentication servers.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 5

    Master in Connected Industry 4.

    0
    Department of Telematic Engineering

    LAB 3: Fake Hotspot

    Cyber security of networks & cyber-physical system


    David Larrabeiti López Francisco Javier Sedano Jarillo

    Authors:
    Carlos Jaime Mérida 77233468C
    Carlos Mateos Cenjor 02560256B

    February 6th, 2022


    Lab 3: Fake Hotspot

    Table of contents

    Introduction .................................................................................................3

    Implementation and Results ........................................................................3

    2
    Lab 3: Fake Hotspot

    Introduction
    The aim of this lab is to prove that network is untrustable by creating a WIFI network in which
    we can sniff login data from the users. These data are the email used to login and the password
    of the account of that website.

    Implementation and Results


    We can create an access point of a free WIFI network by installing hostapd. In this case, the WIFI
    network is called PRACIT-100383762 (green square).

    Once a device is logged, we receive the following message in the device connected.
    Furthermore, we can know the login email or account and its password in tail window (red
    square).

    We receive the following information when we try to connect to these webpages:

    - https://ismyinternetworking.com -> it shows the information related to the network


    and the device IP.
    - http://neverssl.com -> it has an HTTP protocol which means this website is not sure.

    3
    Lab 3: Fake Hotspot

    We can browse on the Internet as we do usually through this WIFI network, all the movements
    are captured thanks to WireShark. Apart from this, when we ping in the following URLs such as
    clients3.google.com or gsp1.apple.com, the login page is reached as a result.

    Here as we can see in wireshark we request to acces to the webpage of connectivitycheck to


    check if we have connection to Internet:

    And here we can see the connection from the mobile phone to the fake hotspot that we
    stablished, the mobile phone is Redmi Carlos:

    4
    Lab 3: Fake Hotspot

    Finally, we introduce the commands iptables –t mangle –L and tcpdump –i any –n –w - | tee
    hotspot.pcap | tcmpdump –r - -n –e with the following results, as we can see we also see the
    packets that were captured and those that were received, and also the ones dropped by kernel.

    You might also like