Difference between revisions of "Wifipumpkin3"
| Line 35: | Line 35: | ||
== Some examples of use == | == Some examples of use == | ||
The operation of wifipumpkin3 is reminiscent of the operation of Metasploit. The framework can be started as follows: | |||
sudo wp3 | |||
'''The following commands are relevant for setting up an Evil Twin:<ref name=”RE3”>"Getting Started - Usage" - available under: https://wifipumpkin3.github.io/docs/getting-started#usage - Retrieved 2024-01-01.</ref>''' | |||
Display all information/parameters about the access point to be spawned: | |||
ap | |||
As in Metasploit, the variables of the AP can be set with set: | |||
set | |||
Display installed proxies: | |||
proxies | |||
A proxy can be activated or set as follows: | |||
set proxy proxy_name | |||
The configured access point can be started with the following command: | |||
start | |||
The AP then starts according to the entered configurations, whereby, depending on the proxy, the traffic or the connected devices and intercepted credentials of the captive portal are then displayed, for example. | |||
Revision as of 18:10, 3 January 2024
Wifipumpkin3 is a framework for setting up rogue access points and the associated evil twins. The framework is written in Python. [1]
Features
According to the authors, the main features of the framework are as follows [1]:
Rogue access point attack Man-in-the-middle attack Module for deauthentication attack Module for extra-captiveflask templates Rogue Dns Server Captive portal attack (captiveflask) Intercept, inspect, modify and replay web traffic WiFi networks scanning DNS monitoring service Credentials harvesting Phishkin3 (Support MFA phishing attack via captive portal) EvilQR3 (Support Phishing QR code attack) Transparent Proxies
Installation
Wifipumpkin3 is written in Python3, which is why the installation of Python3 (version 3.7 or later) is required. In addition, it requires a Wi-Fi adapter that allows access point (AP) mode. Windows and Mac OSX are currently (01.01.2024) not supported. [2]
Installation:
Dependencies should be installed first:
sudo apt install python3.7-dev libssl-dev libffi-dev build-essential python3.7
Then wifipumpkin3 can be cloned from the github repo and uninstalled:
git clone https://github.com/P0cL4bs/wifipumpkin3.git cd wifipumpkin3 sudo make install
Alternatively, wifipumpkin3 can be installed under Kali Linux (2022.2) as follows:
sudo apt install wifipumpkin3
Some examples of use
The operation of wifipumpkin3 is reminiscent of the operation of Metasploit. The framework can be started as follows:
sudo wp3
The following commands are relevant for setting up an Evil Twin:[3]
Display all information/parameters about the access point to be spawned:
ap
As in Metasploit, the variables of the AP can be set with set:
set
Display installed proxies:
proxies
A proxy can be activated or set as follows:
set proxy proxy_name
The configured access point can be started with the following command:
start
The AP then starts according to the entered configurations, whereby, depending on the proxy, the traffic or the connected devices and intercepted credentials of the captive portal are then displayed, for example.
References
- ↑ 1.0 1.1 "Wifipumpkin3" - available under: https://github.com/P0cL4bs/wifipumpkin3 - Retrieved 2024-01-01.
- ↑ "Getting Started - Installation" - available under: https://wifipumpkin3.github.io/docs/getting-started - Retrieved 2024-01-01.
- ↑ "Getting Started - Usage" - available under: https://wifipumpkin3.github.io/docs/getting-started#usage - Retrieved 2024-01-01.
- ↑ "Getting Started - Proxies" - available under: https://wifipumpkin3.github.io/docs/getting-started#proxies - Retrieved 2024-01-01.