I'm doing experimentation at home with different attacks, and implementations and find myself very interested in how an evil-twin attack would work. I run airmon-ng start wlan0
I don't get many error messages, except two possible devices that may 'give me issues', and the program suggests to kill those certain PID's if problems persist. Since I am doing this on my own device(s), I know the MAC and ssid of my own router, so I skip the airodump-ng mon0 part. From here, I attempt to setup the new evil twin AP with airbase-ng -a 00:11:22:33:44:55 --essid "shome" -c 11 mon0
From here, the AP is listed as 'up', but when I try to find it on another device, it is not listed ? Is the whole point of an evil-twin attack for the new SSID to be hidden so it coincides on their machine with the regular AP it remembers anyway ? I have a toshiba satellite with a built in wireless card, about 6 years old now. I'm wondering if this machine doesn't support packet injection, because in practicing other wireless attacks, it has a hard time grabbing the WPA2 handshake I noticed. I've done plenty of googling, and have tried this with my other newer toshiba satellite and am getting the same results. Just wanted some of your .02, not asking for spoon feeding. Thanks
