I am trying to understand the advantages of setting up a rogue AP, as opposed to doing a MITM attack with Ettercap.
One real advantage that I can think of is that you can just go somewhere, set up a rogue AP and wait until others connect so you can sniff all their traffic. But in my own WLAN, I could also just set up a MITM attack and sniff all traffic on this WLAN, right?
I thought that it was possible to set up a fake AP with a known SSID, which claims to need a WPA2 key. The victim enters the WPA2 key, and it shows up on the attacker's screen. This would be extremely good. Is this possible?
For example, at home my network is called 'homenetwork', and it has password 'homepassword'.
Is it possible to set up a fake AP with name 'homenetwork' which asks for a WPA2 key, and when the victim enters this password, it shows up on my screen and the user gets redirected to the real 'homenetwork' AP?
A problem here would be that the fake AP would need to be more powerful than the real AP. Or am I dreaming here?