WPA/WPA2 Automated Evil Twin

About

Wifiphisher is a security tool that mounts fast automated phishing
attacks against WPA networks in order to obtain the secret passphrase.
It is a social engineering attack that unlike other methods it does not
include any brute forcing. It is an easy way for obtaining WPA
credentials.

Wifiphisher works on Kali Linux and is licensed under the MIT license.

From the victim’s perspective, the attack makes use in three phases:

  1. Victim is being deauthenticated from her access point.
    Wifiphisher continuously jams all of the target access point’s wifi
    devices within range by sending deauth packets to the client from the
    access point, to the access point from the client, and to the broadcast
    address as well.
  2. Victim joins a rogue access point. Wifiphisher sniffs
    the area and copies the target access point’s settings. It then creates a
    rogue wireless access point that is modeled on the target. It also sets
    up a NAT/DHCP server and forwards the right ports. Consequently,
    because of the jamming, clients will start connecting to the rogue
    access point. After this phase, the victim is MiTMed.
  3. Victim is being served a realistic router config-looking page.
    wifiphisher employs a minimal web server that responds to HTTP &
    HTTPS requests. As soon as the victim requests a page from the Internet,
    wifiphisher will respond with a realistic fake page that asks for WPA
    password confirmation due to a router firmware upgrade.

 

 Below is the screenshot that how MiTM attack works

You can get more info about the program and download link from : HERE

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s