LabEx
Log InJoin Free

Select a Target Access Point for a Fluxion Attack

Beginner
Practice Now

Introduction

In this lab, you will begin exploring Fluxion, a powerful social engineering and Wi-Fi auditing tool. The first and most critical phase of any network assessment is identifying and selecting a target. You will learn how to use Fluxion to scan for available wireless networks, interpret the scan results, and choose a specific Access Point (AP) for a simulated attack.

This lab is designed for educational purposes and operates in a controlled environment with simulated Wi-Fi networks. You will gain hands-on experience with the initial steps required to set up a Fluxion-based security audit.

Rerun the Network Scan in Fluxion

In this step, you will launch Fluxion and start the network scanning process. This will allow you to see the simulated Wi-Fi networks available in this lab environment.

First, navigate into the fluxion directory that was created by the setup script.

cd ~/project/fluxion

Next, execute the main Fluxion script with sudo privileges. Fluxion requires root access to manage network interfaces.

sudo ./fluxion.sh

Upon launching, Fluxion may ask for your language. If prompted, type 1 for English and press Enter.

[+] Select your language
[1] English
...
[*] Language > 1

Next, Fluxion will ask you to select a wireless adapter and a channel to scan. For this lab, we want to find all available networks, so we will choose the option to scan all channels. Select option 1 for the All channels scanner.

[+] Select a wireless adapter
...
[+] Select a channel to scan
[1] All channels (2.4GHz & 5GHz)
[2] Specific channels (2.4GHz)
[3] Specific channels (5GHz)
[*] Scanner > 1

Fluxion will now open a new terminal window and begin scanning for networks.

Identify a Target Network from the List

In this step, you will observe the output of the network scan and identify a specific target. The scanner window displays a list of all detected Wi-Fi networks with important details.

Look at the scanner window. You will see a table similar to this:

CH  BSSID              PWR  Beacons    #Data, #/s  ESSID
 6  0A:1B:2C:3D:4E:5F  -30       10        0    0  Other_Network
11  A1:B2:C3:D4:E5:F6  -45       25        0    0  LabEx_WiFi
 1  F1:E2:D3:C4:B5:A6  -60       15        0    0  GuestNet

Let's break down the key columns:

  • CH: The channel the network is operating on.
  • BSSID: The MAC address of the Access Point. This is a unique hardware identifier.
  • ESSID: The public name of the Wi-Fi network (what you see when you search for Wi-Fi on your phone).

For this lab, our designated target is the network with the ESSID LabEx_WiFi. Locate this network in your scanner's list.

Note the Channel, BSSID, and ESSID of the Target

In this step, you will take note of the specific details for our target network, LabEx_WiFi. These details are essential for Fluxion to correctly target the Access Point in later stages.

From the scanner window, find the line corresponding to LabEx_WiFi and identify its CH (Channel) and BSSID.

Based on the example from the previous step, the details would be:

  • ESSID: LabEx_WiFi
  • BSSID: A1:B2:C3:D4:E5:F6
  • Channel: 11

Your BSSID will be different, but the ESSID and Channel should match the simulated environment. Make a mental note of these three pieces of information. You have now successfully identified and gathered the necessary data for your target.

Stop the Scan and Select the Target by Number

In this step, you will stop the network scan and select your target from the list that Fluxion provides.

To stop the scanning process, press Ctrl+C in the scanner window (the window showing the list of networks).

After you press Ctrl+C, the scanner window will close, and the main Fluxion terminal will display a numbered list of the networks it found.

[+] Select a target
[1] Other_Network
[2] LabEx_WiFi
[3] GuestNet
[*] Target >

Find the number that corresponds to your target, LabEx_WiFi. In the example above, it is number 2. Type this number at the prompt and press Enter to select it.

[*] Target > 2

Fluxion now knows which network you want to target.

Confirm the Target Selection in the Next Menu

In this step, you will confirm your target selection by choosing an attack vector. This action moves you to the next stage of the Fluxion workflow and verifies that the previous steps were completed correctly.

After selecting the target number, Fluxion will present a new menu with different attack options. The top of this menu will display the BSSID and ESSID of the target you just selected, confirming your choice.

[i] Target: A1:B2:C3:D4:E5:F6 (LabEx_WiFi)
[+] Select an attack
[1] FakeAP - Hostapd
[2] Captive Portal
[*] Attack >

Your goal in this step is to simply proceed to the next phase. The "Captive Portal" attack is the most common method used with Fluxion. Select this option by typing 2 and pressing Enter.

[*] Attack > 2

By doing this, you have successfully selected a target and an attack method, completing the initial phase of the Fluxion process. The subsequent steps of the Captive Portal attack will be covered in other labs.

Summary

In this lab, you successfully launched Fluxion and performed the fundamental first steps of a Wi-Fi security audit. You learned how to initiate a network scan to discover nearby wireless access points. You then practiced how to analyze the scan results to identify a specific target network, LabEx_WiFi, and note its critical information (BSSID, Channel, and ESSID). Finally, you selected the target within the Fluxion interface, preparing it for the next phase of a simulated attack. Mastering these initial steps is essential for using Fluxion effectively.