Linset Is Not a Social Enginering Tool
To run linset in Kali-linux, only two(2) additional programs are required(rqr). They are lighttpd and php5-cgi.
After you unzip the download, place the linset folder found in the download into root. This folder contains a php file, a backup php and an alldata.txt. You cannot change the name of the linset folder or place it in another location unless you change the bash coding.
The linsetmv1-2.sh phishing module only supports WPA Phishing. The program can be run with only one(1) Wi-Fi device that supports packet injection . You can start linsetmv1-2.sh by placing in root and typing ./linsetmv1-2.sh and/or place in the /user/bin/ folder and type linsetmv1-2.sh in a terminal window. Make sure you have allowed the file to be executed as a program. You can change the name to something shorter if you wish.
Once the program starts, a white xterm window runs with an airodump-ng scan. When you feel the scan has gotten the targets, Ctrl-C the xterm window and the program continues. Everything else it pretty straight forward. You will eventually get five(5) Xterm windows operating. The program will make a rogueAP on the same channel but the ESSID name will be the targetAP plus eight(8) spaces and a period. You can check the data.txt file in the tmp/TMPlinset/ folder for any WPA key obtained or look in the /root/linset/alldata.txt after program shutdown. The alldata.txt file will show all data previously phished while the data.txt file will show only that session and be erased at program termination.
How it works
- Scan the networks.
- Select network.
- Capture handshake (can be used without handshake)
- We choose one of several web interfaces tailored for me (thanks to the collaboration of the users)
- Mounts one FakeAP imitating the original
- A DHCP server is created on FakeAP
- It creates a DNS server to redirect all requests to the Host
- The web server with the selected interface is launched
- The mechanism is launched to check the validity of the passwords that will be introduced
- It deauthentificate all users of the network, hoping to connect to FakeAP and enter the password.
- The attack will stop after the correct password checking