HAK5/packetsquirrel-payloads
1
0
Fork 0
mirror of https://github.com/hak5/packetsquirrel-payloads.git synced 2025-12-19 09:48:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b40d1f6172fcb4b1b741f9e3b7044330b97229fc
packetsquirrel-payloads/payloads/phishing/evil-portal/README.md
TW-D 35c80f8282 Evil Portal with Packet Squirrel Mark II 
Implementation of the fake captive portal attack on the **Packet Squirrel Mark II** using a compatible USB Wi-Fi adapter.
2025-11-05 08:24:30 -05:00

2.5 KiB
Raw Blame History

Evil Portal with Packet Squirrel Mark II

  • Author: TW-D
  • Version: 1.0
  • Category: Phishing

Description

Implementation of the fake captive portal attack on the Packet Squirrel Mark II using a compatible USB Wi-Fi adapter.

A evil portal is a technique used to deceive users of a Wi-Fi network by redirecting them to a malicious web page instead of the expected authentication or home page.

Tested On

Operating System with/without Web Browser Notification Type
Ubuntu 24.04 None
Android 11 System
Ubuntu 24.04 with Mozilla Firefox Alert

Prerequisites

In Arming Mode, make sure both the Ethernet "Target" Port and Ethernet "Network" Port are connected.

hacker@hacker-computer:~$ ssh root@172.16.32.1
root@squirrel:~# opkg update
root@squirrel:~# opkg install usb-modeswitch
root@squirrel:~# poweroff

Once the Packet Squirrel is powered off, connect the MK7AC WiFi Adapter.

Note

The Ethernet "Network" Port will no longer be required.

After startup, it is recommended to back up /etc/config/wireless, the Wi-Fi configuration file.

hacker@hacker-computer:~$ ssh root@172.16.32.1
root@squirrel:~# cp /etc/config/wireless /etc/config/wireless.default
root@squirrel:~# exit

Configuration

In the file payload, modify the values of the following constants.


######## INITIALIZATION ########

readonly EVIL_SSID="FREE_WIFI"

EVIL_PORTAL="/root/payloads/$(SWITCH)/portals/signin-form.html"
readonly EVIL_PORTAL

EVIL_LOOT="/root/payloads/$(SWITCH)/loots/signin-form_$(date +%s).log"
readonly EVIL_LOOT

Warning

The portal page must be a standalone HTML file, without external resources. This was deliberately implemented this way to ensure portability during a physical penetration test.

Then transfer the necessary files and folders into one of the switchX directories of the Packet Squirrel.

hacker@hacker-computer:~$ scp -r ./evil-portal/* root@172.16.32.1:/root/payloads/switchX/
hacker@hacker-computer:~$ ssh root@172.16.32.1
root@squirrel:~# poweroff

Note

The Ethernet "Target" Port will no longer be required.

Usage

Start your Packet Squirrel Mark II with the Mode Switch set to switchX. A new open WiFi network whose name corresponds to the value of the constant EVIL_SSID will appear. All HTTP requests sent by the client to the minimal web server will be stored in the loots directory. To properly stop the payload, press the button.

Reference in New Issue View Git Blame Copy Permalink