Wifiphisher

From Embedded Lab Vienna for IoT & Security

Wifiphisher is a comprehensive framework for setting up rogue access points. The framework can be used during penetration tests to test Wi-Fi security, among other things. Wifiphisher can also be used to set up an Evil Twin in order to test people-related measures such as security awareness.

Wifiphisher

Wifiphisher is a robust rogue access point framework designed for red team deployments and Wi-Fi security testing. Wifiphisher allows penetration testers to take a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can run on devices such as the Raspberry Pi and utilises modern Wi-Fi association techniques such as "Evil Twin", "KARMA" and "Known Beacons", making it a powerful tool for extended operations.[1]

Flexibility is one of the key features of Wifiphisher, which supports a variety of arguments and provides a collection of phishing templates for different deployment scenarios. Wifiphisher is characterised by its modularity, allowing users to develop both simple and complex Python modules to extend the tool's functionality or create custom phishing scenarios for specific targeted attacks.[1]

Despite its advanced capabilities, Wifiphisher remains user-friendly. Beginners can launch the tool with a simple command, while advanced users can take advantage of its many features. The interactive, text-based user interface guides testers through the creation of attacks, ensuring accessibility for users with varying levels of knowledge.[1]

Community based phishing pages

Since Wifiphisher is community based, a number of extensions exist. Community-based phishing pages are one example: there are phishing templates that imitate Instagram, Google or Starbucks pages.[2]

First steps

Installation:

First, install the dependencies:

 sudo apt-get install hostapd dnsmasq python-pyric python-jinja2

Wifiphisher can be cloned from the corresponding Git repository:

 git clone https://github.com/wifiphisher/wifiphisher.git
 cd wifiphisher
 sudo python setup.py install

Alternatively, Wifiphisher can also be installed as follows:

 sudo apt-get -y install wifiphisher

Starting Wifiphisher:

 sudo wifiphisher

After Wifiphisher has been started, it walks through an interactive process in which the network to be imitated and the corresponding captive portal are selected. The deauthentication (deauth) process then starts. The big advantage of Wifiphisher over other frameworks such as Wifipumpkin3 is that the captive portal can be accessed via HTTPS, so the user does not receive a warning when entering the access data.
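
From a defender's point of view, the sequence described above (an imitated network, then deauthentication of the real one) leaves traces that a wireless monitoring sensor can correlate. The following Python code is an added example, not part of Wifiphisher or of the original page; the frame records, field names, allowlist and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Allowlist of legitimate access points (constructed values).
KNOWN_APS = {"CorpWiFi": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA2"}}

# Constructed frame summaries, as a monitor-mode sensor might export them.
# For deauth frames, "bssid" is the access point named in the frame.
FRAMES = (
    [{"t": 0.0, "type": "beacon", "ssid": "CorpWiFi",
      "bssid": "aa:bb:cc:00:00:01", "security": "WPA2"},
     {"t": 1.0, "type": "beacon", "ssid": "CorpWiFi",
      "bssid": "de:ad:be:ef:00:02", "security": "OPEN"},
     {"t": 1.1, "type": "beacon", "ssid": "CoffeeShop",
      "bssid": "11:22:33:44:55:66", "security": "OPEN"}]
    + [{"t": 2.0 + i * 0.1, "type": "deauth", "bssid": "aa:bb:cc:00:00:01"}
       for i in range(8)]
    + [{"t": 60.0, "type": "deauth", "bssid": "11:22:33:44:55:66"}]
)

def find_rogue_beacons(frames, known):
    """Flag beacons that reuse an allowlisted SSID but do not match its record."""
    findings = set()
    for f in frames:
        if f["type"] != "beacon" or f["ssid"] not in known:
            continue
        ap = known[f["ssid"]]
        if f["bssid"] not in ap["bssids"]:
            findings.add((f["ssid"], f["bssid"], "unlisted BSSID"))
        if f["security"] != ap["security"]:
            findings.add((f["ssid"], f["bssid"], "security mismatch"))
    return sorted(findings)

def find_deauth_bursts(frames, threshold=5, window=1.0):
    """Return BSSIDs named in >= threshold deauth frames within `window` seconds."""
    times = defaultdict(list)
    for f in sorted(frames, key=lambda f: f["t"]):
        if f["type"] == "deauth":
            times[f["bssid"]].append(f["t"])
    return sorted(b for b, ts in times.items() if any(
        y - x <= window for x, y in zip(ts, ts[threshold - 1:])))

def suspected_evil_twins(frames, known):
    """SSIDs with a rogue beacon while a legitimate BSSID is being deauthenticated."""
    bursts = set(find_deauth_bursts(frames))
    rogue_ssids = {ssid for ssid, _, _ in find_rogue_beacons(frames, known)}
    return sorted(s for s in rogue_ssids if known[s]["bssids"] & bursts)

if __name__ == "__main__":
    print(find_rogue_beacons(FRAMES, KNOWN_APS), suspected_evil_twins(FRAMES, KNOWN_APS))
```

Because a BSSID can be copied, the security comparison is kept as a separate check rather than relying on the allowlisted address alone.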


Help section:

 sudo wifiphisher -h

All available options beyond the standard process are listed in the help section.

References

  1. "wifiphisher" - available under: https://github.com/wifiphisher/wifiphisher - Retrieved 2024-01-01.
  2. "extra-phishing-pages" - available under: https://github.com/wifiphisher/wifiphisher - Retrieved 2024-01-01.