Chapter 6. Man-in-the-Middle Attacks Using Evil Twin Access Points
As discussed in the previous chapter, man-in-the-middle attacks represent a real threat to the confidentiality and integrity of the wireless network and the clients who access it. We saw how traffic can be captured and manipulated between legitimate clients and the resources they are trying to access. We also explored how we can manipulate an existing wireless network to redirect client traffic flows. Another, and potentially more effective, way to see all of a client's wireless traffic is to become the access point they connect to.
In this chapter, we will set up an evil twin access point and, effectively, become the network infrastructure. This access point will act just like the legitimate access point in servicing clients; however, since we are in control of the configuration and the device running the AP services, we are able to capture and manipulate any of the traffic that traverses it. This opens up...