Credential phishing using Android Hotspot Captive Portals
-
android
-
termux
-
root - required for redirecting requests with iptables
Install packages
pkg install php tsu
Turn on hotspot
Set security to None
Rename hotspot as desired
Run redirect.sh as root
cd android-portals
sudo ./redirect.sh
cd example
php -S 0.0.0.0:8080
Android.WiFi.hotspot.phishing.mp4
Tested on Sony Xperia XZ1 Compact LineageOS 17.1 with Magisk
Hotspot fails to trigger "Tap here to sign in to network" without internet; Turning on Mobile data without load worked for me
Captive portal does not gracefully exit or authorizes user for internet connection since /generate_204 with http header 204 does not exist. Resources: android-captive-portal
Close captive portal after authentication Clean up redirect.sh rules Redo with proper web server
Project forked from fake-captive-portal-using-android-phone