Wifiphisher
Wifiphisher is a comprehensive framework for setting up rogue access points. The framework can be used during penetration tests to test Wi-Fi security, among other things. Wifiphisher can also be used to set up an Evil Twin in order to test people-focused measures such as security awareness.
Wifiphisher
Wifiphisher is a robust rogue access point framework designed for red team engagements and Wi-Fi security testing. Wifiphisher allows penetration testers to take a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can run on devices such as the Raspberry Pi and utilises modern Wi-Fi association techniques such as "Evil Twin", "KARMA" and "Known Beacons", making it a powerful tool for extended operations.[1]
Flexibility is one of the key features of Wifiphisher, which supports a variety of arguments and provides a collection of phishing templates for different deployment scenarios. Wifiphisher is characterised by its modularity, allowing users to develop both simple and complex Python modules to extend the tool's functionality or create custom phishing scenarios for specific targeted attacks.[1]
Despite its advanced capabilities, Wifiphisher remains user-friendly. Beginners can launch the tool with a simple command, while advanced users can take advantage of its many features. The interactive, text-based user interface guides testers through the creation of attacks, ensuring accessibility for users with varying levels of knowledge.[1]
Community based phishing pages
Since Wifiphisher is community based, a number of extensions exist. Community-based phishing pages are one example: there are phishing templates that imitate Instagram, Google or Starbucks pages.[2]
First steps
Installation:
Firstly, you have to install the dependencies:
sudo apt-get install hostapd dnsmasq python-pyric python-jinja2
Wifiphisher can be cloned from the corresponding Git repository and installed from source:
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
sudo python setup.py install
Alternatively, wifiphisher can also be installed as follows:
sudo apt-get -y install wifiphisher
Starting wifiphisher:
sudo wifiphisher
Once Wifiphisher has been started, it walks through an interactive process in which the network to be imitated and the corresponding captive portal can be selected. The deauth process then starts. The big advantage of Wifiphisher over other frameworks such as Wifipumpkin3 is that the captive portal can be accessed via HTTPS, so the user does not receive a warning when entering credentials.
Help section:
sudo wifiphisher -h
All possible options, apart from the standard process, can be taken from the help section.
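From the defender's side, the sequence described above (an imitated network plus a deauth phase) leaves observable traces on the air. The following is an added example, not code from Wifiphisher or from the original page: it flags an unknown BSSID advertising a known SSID and raises the severity when a deauth burst against the legitimate access point is seen. The frame record layout, the AP inventory, the thresholds and the assumption that the imitated network is advertised without encryption are all illustrative assumptions.

```python
from collections import defaultdict

# Assumed inventory of legitimate APs: SSID -> {BSSID: network is encrypted}
KNOWN_APS = {"CorpWiFi": {"aa:bb:cc:00:00:01": True}}

def deauth_bursts(frames, threshold=10, window_s=5.0):
    """Return BSSIDs named in >= threshold deauth frames within window_s seconds."""
    times = defaultdict(list)
    for f in frames:
        if f["type"] == "deauth":
            times[f["bssid"]].append(f["t"])
    bursts = set()
    for bssid, ts in times.items():
        ts.sort()
        # Any `threshold` consecutive timestamps that fit in the window form a burst.
        if any(ts[i + threshold - 1] - ts[i] <= window_s
               for i in range(len(ts) - threshold + 1)):
            bursts.add(bssid)
    return bursts

def evil_twin_alerts(frames, known_aps=KNOWN_APS):
    """Flag unknown BSSIDs beaconing a known SSID; correlate with deauth bursts."""
    bursts = deauth_bursts(frames)
    alerts = {}
    for f in frames:
        legit = known_aps.get(f.get("ssid"))  # deauth records carry no SSID
        if f["type"] != "beacon" or legit is None or f["bssid"] in legit:
            continue
        severity, reasons = "medium", ["unknown BSSID for known SSID"]
        if any(legit.values()) and not f["encrypted"]:
            reasons.append("open network imitating an encrypted one")
        if bursts & set(legit):
            severity = "high"
            reasons.append("deauth burst against the legitimate AP")
        alerts[(f["ssid"], f["bssid"])] = (severity, reasons)
    return alerts

def sample_frames():
    """Constructed sample observations (hypothetical sensor export, not a capture)."""
    frames = [{"t": 0.0, "type": "beacon", "ssid": "CorpWiFi",
               "bssid": "aa:bb:cc:00:00:01", "encrypted": True},
              {"t": 1.0, "type": "beacon", "ssid": "CorpWiFi",
               "bssid": "de:ad:be:ef:00:02", "encrypted": False}]
    frames += [{"t": 2.0 + i * 0.1, "type": "deauth", "bssid": "aa:bb:cc:00:00:01"}
               for i in range(20)]
    return frames

if __name__ == "__main__":
    for key, (severity, reasons) in evil_twin_alerts(sample_frames()).items():
        print(severity, key, "; ".join(reasons))
```

In practice the records would come from a monitor-mode sensor or a wireless IDS export, and the inventory from the organisation's own AP management system.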
References
- [1] "wifiphisher" - available at: https://github.com/wifiphisher/wifiphisher - Retrieved 2024-01-01.
- [2] "extra-phishing-pages" - available at: https://github.com/wifiphisher/extra-phishing-pages - Retrieved 2024-01-01.