WiFi-Pumpkin

From Embedded Lab Vienna for IoT & Security

Summary

Create a rogue Wi-Fi access point on a Raspberry Pi.

Requirements

Description

Setup

Touchscreen

  • Connect the small ribbon cable to the connector on the top of the board
  • Fix the board to the screen with the four spacers
  • Connect the white ribbon cable to the connector on the board
  • Connect the four jumper wires to the 5V, GND, SCL and SDA pins on the display driver board
  • Mount your Raspberry Pi onto the four spacers
  • Connect the white ribbon to the Display Connector of the Raspberry Pi
  • Connect the jumper wires (assuming your Raspberry Pi is in front of you with the GPIO on the right side):
    • GND to the third pin down on the right hand side
    • 5V to the second pin down on the right
    • SCL to the third pin down on the left hand side
    • SDA to the second pin down on the left hand side
  • Connect your keyboard and mouse to the Raspberry Pi
  • Connect the ALFA wireless interface to the Raspberry Pi
  • Do NOT power on yet

Installation

  • Download and unzip the Kali Linux image for Raspberry Pi 2 and 3 (version 2019.1) and write it to the SD card from your PC
  • Insert the SD card into the Raspberry Pi and connect it with the power source
  • Login with username "root" and password "toor"
  • Open a terminal and update:
  apt-get update
  apt-get upgrade

Optional

  • Change the password:
  passwd
  • Regenerate SSH keys:
  dpkg-reconfigure openssh-server
  • Expand the image to use all SD card space:
  apt-get install gparted
  • Launch the tool and resize the ext4 partition to use the remaining unused space

  • Clone and install WiFi-Pumpkin:
  git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
  cd WiFi-Pumpkin
  chmod +x installer.sh
  sudo ./installer.sh --install
  • Install dependencies:
  pip install -r requirements.txt

Usage

  • Connect to the Internet with the internal interface of the Raspberry Pi (either wired or wireless)
  • Identify the name of the ALFA wireless interface (wlan1 in my case):
  iwconfig
  • Put the ALFA interface into monitor mode:
  ifconfig wlan1 down
  iwconfig wlan1 mode monitor
  ifconfig wlan1 up
  • Start monitoring the networks:
  airodump-ng wlan1
  • Check the channel of your target network (1 in my case)
  • Set your ALFA to the appropriate channel:
  iwconfig wlan1 channel 1
  • Check the frequency and confirm the interface settings:
  iwlist channel
  iwconfig wlan1
  • Launch WiFi-Pumpkin:
  wifi-pumpkin
  • A GUI opens
  • Go to "Settings":
    • Change "SSID" to the same name as your target network (OpenHotSpot in my case)
    • Change "Channel" to the channel you discovered before (1 in my case)
    • Change "Network Adapter" to your ALFA's name (wlan1 in my case)
    • My target network does not have any security, so I leave "Wireless Security" unchecked
  • Go to "Plugins":
  • Hit start and watch the clients connect to your rogue AP!!
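The Usage steps above produce exactly the pattern a network operator should be able to spot: a second access point announcing an existing SSID on the same channel, often with the same (or weaker) security settings. The following is an added example, not part of this wiki page or of WiFi-Pumpkin, showing a defender-side check for that pattern. It parses the AP table printed by airodump-ng (the tool the page uses for scanning) and compares every beacon for one of "our" SSIDs against an inventory of the BSSIDs, channels and security we actually operate. The inventory, the MAC addresses and the scan text are constructed sample data; the scan text is built with a small `format_row` helper so that it mimics the column layout of airodump-ng's AP table, and `parse_airodump` and `find_evil_twins` are names introduced here.

```python
"""Added example (not part of the original wiki page): a defender-side check
for evil-twin access points, i.e. a second AP that advertises an existing SSID.

The inventory, the MAC addresses and the scan text below are all constructed
sample data; the scan text mimics the column layout of airodump-ng's AP table.
"""
import re
from dataclasses import dataclass

MAC_RE = re.compile(r"^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    privacy: str  # contents of airodump-ng's ENC column: OPN, WEP, WPA, WPA2 ...


@dataclass(frozen=True)
class Finding:
    beacon: Beacon
    reason: str


# Constructed inventory of the APs we actually operate, keyed by SSID.
KNOWN_APS = {
    "OpenHotSpot": {"bssid": {"AA:BB:CC:00:00:01"}, "channels": {1}, "privacy": "OPN"},
    "CorpWiFi": {"bssid": {"AA:BB:CC:00:00:02", "AA:BB:CC:00:00:03"},
                 "channels": {6, 11}, "privacy": "WPA2"},
}


def format_row(bssid, pwr, beacons, data, ps, ch, mb, enc, cipher, auth, essid):
    """Format one line in the column order airodump-ng uses (helper for the sample)."""
    return (f" {bssid:<17}  {pwr:>3}  {beacons:>7}  {data:>6} {ps:>4}  {ch:>2}  "
            f"{mb:<4} {enc:<4} {cipher:<6} {auth:<4} {essid}")


# Constructed scan: one legitimate AP per SSID plus two look-alikes and one unrelated network.
SAMPLE_SCAN = "\n".join([
    format_row("BSSID", "PWR", "Beacons", "#Data,", "#/s", "CH", "MB", "ENC", "CIPHER", "AUTH", "ESSID"),
    format_row("AA:BB:CC:00:00:01", -40, 120, 3, 0, 1, "54e", "OPN", "", "", "OpenHotSpot"),
    format_row("DE:AD:BE:EF:00:01", -30, 300, 0, 0, 1, "54e", "OPN", "", "", "OpenHotSpot"),
    format_row("AA:BB:CC:00:00:02", -55, 80, 10, 0, 6, "54e", "WPA2", "CCMP", "PSK", "CorpWiFi"),
    format_row("DE:AD:BE:EF:00:02", -35, 200, 0, 0, 6, "54e", "OPN", "", "", "CorpWiFi"),
    format_row("11:22:33:44:55:66", -70, 10, 0, 0, 11, "54e", "WPA2", "CCMP", "PSK", "GuestNet"),
])


def parse_airodump(text):
    """Parse the AP table printed by airodump-ng (or the constructed sample above).

    Numeric fields are taken by token position; the ESSID is cut at the column
    where the header prints 'ESSID', so names containing spaces survive intact.
    """
    beacons, ssid_col = [], None
    for line in text.splitlines():
        if ssid_col is None:
            if "ESSID" in line:
                ssid_col = line.index("ESSID")
            continue
        parts = line.split()
        if len(parts) < 8 or not MAC_RE.match(parts[0]):
            continue  # blank lines, the station table, anything that is not an AP row
        try:
            channel = int(parts[5])
        except ValueError:
            continue  # skip rows whose CH column is not numeric
        beacons.append(Beacon(ssid=line[ssid_col:].strip(), bssid=parts[0].upper(),
                              channel=channel, privacy=parts[7]))
    return beacons


def find_evil_twins(beacons, known=KNOWN_APS):
    """Flag beacons that advertise one of our SSIDs but do not match the inventory."""
    findings = []
    for b in beacons:
        ref = known.get(b.ssid)
        if ref is None:
            continue  # someone else's network; out of scope for this check
        reasons = []
        if b.bssid not in ref["bssid"]:
            reasons.append("BSSID not in inventory")
        if b.privacy != ref["privacy"]:
            reasons.append(f"security {b.privacy} differs from expected {ref['privacy']}")
        if b.channel not in ref["channels"]:
            reasons.append(f"channel {b.channel} not in expected {sorted(ref['channels'])}")
        if reasons:
            findings.append(Finding(b, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for f in find_evil_twins(parse_airodump(SAMPLE_SCAN)):
        print(f"{f.beacon.bssid}  {f.beacon.ssid!r}  ch{f.beacon.channel}  "
              f"{f.beacon.privacy}: {f.reason}")
```

Note which of the three checks fires for the OpenHotSpot look-alike: it copies the SSID, the channel and the open security exactly as the steps above describe, so only the BSSID inventory distinguishes it from the real AP. Channel and security mismatches are useful extra signals, but a BSSID allowlist per SSID is the check that a rogue AP configured this way cannot avoid tripping.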

Used Hardware

References