Changelog wifiphisher v1.2:
* -aI and –nojamming can be used in conjuction.
* Web server now starts after DHCP [@sophron]
* Support logging of multiple POST values [@sophron]
* Include some ASCII art [@sophron]
* Introduced ‘phishinghttp’ module and fixed bugs on HTTP server [@sophron]
* Users may now interactively choose the scenario they wish [@blackHatMonkey]
* Included an impoved algorithm for detecting and using two of the available network interfaces. [@blackHatMonkey]
* Introduced –presharedkey option. Users may now create Evil Twin against password-protected networks. [@sophron]
* Introduced “Browser Plugin Update” scenario. [@V1V1]
* Packaged the project. Dependencies can now be automatically installed with setup.py. [@sophron]
* Added the feature to detect AP vendor based on BSSID. [@lvrach]
* Included template engine. [@lvrach]
* Fixed issues on Ubuntu. [@lvrach]
* Fixed issues on Arch Linux. [@gtklocker]
* Included PyRIC project. [@blackhatMonkey]
* Introduced –essid option. This will skip the AP selection phase. [@sophron]
* Introduced –nojamming option. This will turn off deauthentication. [@sophron]
* Introduced new OAuth template. [@sophron]
* Introduced new “Wi-Fi Connect” template. [@dionyziz]
Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.
From the victim’s perspective, the attack makes use in three phases:
– Victim is being deauthenticated from her access point. Wifiphisher continuously jams all of the target access point’s wifi devices within range by sending deauth packets to the client from the access point, to the access point from the client, and to the broadcast address as well.
– Victim joins a rogue access point. Wifiphisher sniffs the area and copies the target access point’s settings. It then creates a rogue wireless access point that is modeled on the target. It also sets up a NAT/DHCP server and forwards the right ports. Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MiTMed.
– Victim is being served a realistic router config-looking page. wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests. As soon as the victim requests a page from the Internet, wifiphisher will respond with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.
– Kali Linux.
– Two network interfaces, one wireless.
– A wireless card capable of injection.
git clone https://github.com/sophron/wifiphisher
python wifiphisher.py -h (for helper)