Skip to content

Proof of concept. Using a ESP8266 as a Hotspot to steal credentials

Notifications You must be signed in to change notification settings

JordanEJ/ESP8266-Phishing-Hotspot

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

ESP8266 Hotspot Phishing

Once uploaded to a ESP8266, a open hotspot will be created. When someone connects to this hotspot they will automaticly be rerouted to a sign in page where they have the choice of either signing in with google, twitter, facebook or with an email. The credentials will be saved on the ESP8266 where you can get them later

Usage

  1. Power up the ESP8266
  2. Wait for someone to connect to your hotspot and try to use their "free internet"😉
  3. Once they have been redirected to the login page they will hopefully put in their credentials into one of the signin options
  4. When you want to view the credentials you can go to "[ANY DOMAIN]/getinfo"
  5. If you would like to clear the saved credentials you can go to "[ANY DOMAIN]/deleteinfo"
  6. After the user has entered their details, they will be redirected to a simple page explaining how easy it could be for someone to steal their credentials.
  7. Mission Complete😎

**I AM NOT RESPONSIBLE FOR ANYTHING YOU DO WITH THIS CODE. I CAN ALMOST GUARANTEE THAT IT IS ILLEGAL TO USE IN ALL COUNTRIES. I DESIGNED THIS FOR FUN AND RESEARCH PURPOSES ONLY.**