# Rouge Access Point

**First Way (open Wi-Fi)**

Attacker simulate as a fake access point and make a `deauthenticate attack` to make client connected to Fake AP which attacker can steal credentials using fake pages

![image.png](https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2F3U1NEVceC9aBhLxy3pco%2Fimage.png?alt=media)

***

### Second Way (Evil Twin)

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FEx1X1jDXw6AN6mUUT1mo%2Fimage%201.png?alt=media" alt=""><figcaption></figcaption></figure>

***

### How attack work ?

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FSmLBGfuhUow59cdRF7MQ%2Fimage%202.png?alt=media" alt=""><figcaption></figcaption></figure>

***

### Tools

**`Mana toolkit`** used to create a fake access point was connected to internet because in kali we connecting to NAT Network

**`MITM Proxy`** → sniff all traffic including passwords and usernames

<figure><img src="https://3641998078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv4bbPCMP2UOAXGuYloqD%2Fuploads%2FC0QYwBToaEwYjhduAY9T%2Fimage%203.png?alt=media" alt=""><figcaption></figcaption></figure>