Evil Portal
On this page, you will learn how to perform an Evil Portal attack with Flipper Zero to simulate a valid AP using different login templates to steal service credentials.
Evil Portal
An evil portal Evil Portalis a technique used in ethical hacking to intercept and collect credentials from users connected to Wi-Fi networks. It works by creating a malicious webpage that mimics the captive portal of a public or private network, tricking users into entering sensitive information such as usernames and passwords. Attackers often deploy an evil portal in conjunction with other attack tools, such as deauth, to force users to reconnect through the fake portal, thus facilitating the capture of confidential data.
To perform this technique we will use the following repository, which contains the necessary templates to carry out the attack within the directory /portals:
We need to have the Momentum firmware installed for it to work correctly. Once installed, the option will be Evil Portalenabled in:
Import templates
We need to download the repository to our computer and import the HTML templates from the directory /portalsin the following path:
Configure AP name
We can configure the AP name in the option Set AP name:
To insert spaces, hold down the middle button on the bottom bar _, and to type capital letters, hold down the middle button on a letter.
We can also download the ap.config.txt file and replace the default index.html file so that it loads automatically every time we start Evil Portal:
Select template
The option Select HTMLwill display all the HTML templates we've uploaded. We simply need to select the one we want, for example, the Google template.
Start Evil Portal
Once everything is configured, we simply select the "Start Portal" option, and this generates the malicious access point. When a user enters their credentials, we will receive them instantly in the Flipper. A log file will also be saved.
Last updated