The following document is one of the case studies we carried out in the 1^st semester at the Advanced Cybersecurity MSc. (Polytechnic University of Bucharest). It describes how a rogue wireless access point (a.k.a. the “Evil Twin”) can be created to mimic a legitimate one, in order to trick users to connect to it.

The paper also contains a working proof-of-concept (PoC) that presents the main steps that I personally took while executing this attack (along with the needed hardware & software). This is something you should try only at home, on your own equipment .

The goal was to gracefully steal precious WiFi passwords with an Evil Twin and a little bit of Social Engineering, instead of applying brute-force to guess them (which sometimes takes a little bit too much time ).

The PPT presentation of the paper: