Wifiphisher

From Embedded Lab Vienna for IoT & Security

Wifiphisher is a comprehensive framework for setting up rogue access points. The framework can be used during penetration tests to test Wi-Fi security, among other things. At the same time, Wifiphisher can be used to set up an Evil Twin and test personal measures such as security awareness.

Wifiphisher

Wifiphisher is a framework for spawning malicious access points, especially designed for red team deployments and Wi-Fi security pentesting. The framework allows pentesters to perform man-in-the-middle attacks against wireless clients. Wifiphisher can run on devices such as the Raspberry Pi.[1]

The framework utilises modern Wi-Fi techniques and tactics such as "Evil Twin", "KARMA" and "Known Beacons". Wifiphisher is characterised by its modularity, allowing users to develop customized Python modules to extend the tool. Furthermore, custom phishing scenarios for specific targeted attacks can be created.[1]

Despite its advanced capabilities, Wifiphisher remains user-friendly. The process can be launched with a simple command, while advanced users can take advantage of its many features via the command line. The interactive text-based console interface guides users through the process of an attack, ensuring usability for users with varying levels of knowledge.[1]

Community based phishing pages

Since Wifiphisher is community based, there are some extensions. Community-based phishing pages are one example: there are phishing templates that imitate Instagram, Google or Starbucks pages.[2]

First steps

Installation:

Firstly, you have to install the dependencies:

 sudo apt-get install hostapd dnsmasq python-pyric python-jinja2

Wifiphisher can be cloned from the corresponding Git repository:

 git clone https://github.com/wifiphisher/wifiphisher.git
 cd wifiphisher
 sudo python setup.py install

Alternatively, Wifiphisher can also be installed as follows:

 sudo apt-get -y install wifiphisher

Starting Wifiphisher:

 sudo wifiphisher

After Wifiphisher has been started, it walks through a process in which the network to be imitated and the corresponding captive portal can be selected. The deauth process then starts. The big advantage of Wifiphisher over other frameworks such as Wifipumpkin3 is that the captive portal can be accessed via HTTPS, so the user does not receive a warning when entering the access data.
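
Seen from a monitoring sensor, the sequence described above (an imitated network name followed by deauthentication) leaves two signals that can be correlated. The following is an added example, not part of the original page or of Wifiphisher; it runs on constructed sample data and assumes the rogue access point is unencrypted, and the threshold, window and all addresses are hypothetical.

```python
from collections import defaultdict

# Constructed sample data (not captured traffic). Beacons are
# (ssid, bssid, security); deauth frames are (timestamp_s, bssid_in_frame).
BEACONS = [
    ("CorpWiFi", "aa:bb:cc:00:00:01", "WPA2"),
    ("CorpWiFi", "aa:bb:cc:00:00:02", "WPA2"),  # second legitimate AP
    ("CorpWiFi", "de:ad:be:ef:00:99", "OPEN"),  # same name, no encryption
    ("GuestNet", "aa:bb:cc:00:01:01", "OPEN"),  # open by design, no twin
]
DEAUTHS = [(100.0 + i * 0.1, "aa:bb:cc:00:00:01") for i in range(40)]
DEAUTHS.append((300.0, "aa:bb:cc:00:01:01"))    # a single stray frame

def security_mismatches(beacons):
    """Map each SSID seen both protected and open to its open BSSIDs."""
    modes = defaultdict(lambda: defaultdict(set))
    for ssid, bssid, security in beacons:
        modes[ssid][security].add(bssid)
    return {ssid: sorted(m["OPEN"]) for ssid, m in modes.items()
            if "OPEN" in m and len(m) > 1}

def deauth_bursts(deauths, threshold=20, window=10.0):
    """BSSIDs with >= threshold deauth frames in any window (assumed limits)."""
    times = defaultdict(list)
    for ts, bssid in deauths:
        times[bssid].append(ts)
    flagged = set()
    for bssid, stamps in times.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(bssid)
                break
    return flagged

def evil_twin_alerts(beacons, deauths):
    """Correlate an open twin with a deauth burst on a protected sibling AP."""
    bursts = deauth_bursts(deauths)
    alerts = []
    for ssid, open_bssids in security_mismatches(beacons).items():
        protected = {b for s, b, sec in beacons if s == ssid and sec != "OPEN"}
        alerts.append({"ssid": ssid, "suspect_bssids": open_bssids,
                       "deauth_targets": sorted(protected & bursts)})
    return alerts

if __name__ == "__main__":
    for alert in evil_twin_alerts(BEACONS, DEAUTHS):
        print(alert)
```

An alert with a non-empty `deauth_targets` list is the stronger indicator, since a security mismatch alone can also come from a misconfigured legitimate access point.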


Help section:

 sudo wifiphisher -h

All available options beyond the standard process are listed in the help section.

References

  1. "wifiphisher" - available under: https://github.com/wifiphisher/wifiphisher - Retrieved 2024-01-01.
  2. "extra-phishing-pages" - available under: https://github.com/wifiphisher/extra-phishing-pages - Retrieved 2024-01-01.