13 Years of Service
62%
WIFIPHISHER
George Chatzisofroniou has published a new Method for Hacking WPA/WPA2 Security using a WiFi social engineering tool designed to steal credentials from users of secure wireless networks.
The administrator at the University of Greece developed the WiFiPhisher tool which is used to discover and replicate WPA-protected networks, sans password.
The tool, can be downloaded from GitHub here and works by producing a number of deauthorisation packets at a legitimate access point jamming it and prompting users to inspect available networks.
Users will see the malicious network posing as their trusted access point.
1.) Victim is being deauthenticated from their access point. Wifiphisher continuously jams all of the target access point’s wifi devices within range by sending deauth packets to the client from the access point, to the access point from the client, and to the broadcast address as well.
2.) Victim joins a rogue access point. Wifiphisher sniffs the area and copies the target access point’s settings. It then creates a rogue wireless access point that is modeled on the target. It also sets up a NAT/DHCP server and forwards the right ports. Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MiTMed.
3.) Victim is being served a realistic router config-looking page. wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests. As soon as the victim requests a page from the Internet, wifiphisher will respond with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.
Here is a diagram of the above:
official page:
George Chatzisofroniou has published a new Method for Hacking WPA/WPA2 Security using a WiFi social engineering tool designed to steal credentials from users of secure wireless networks.
The administrator at the University of Greece developed the WiFiPhisher tool which is used to discover and replicate WPA-protected networks, sans password.
The tool, can be downloaded from GitHub here and works by producing a number of deauthorisation packets at a legitimate access point jamming it and prompting users to inspect available networks.
Users will see the malicious network posing as their trusted access point.
1.) Victim is being deauthenticated from their access point. Wifiphisher continuously jams all of the target access point’s wifi devices within range by sending deauth packets to the client from the access point, to the access point from the client, and to the broadcast address as well.
2.) Victim joins a rogue access point. Wifiphisher sniffs the area and copies the target access point’s settings. It then creates a rogue wireless access point that is modeled on the target. It also sets up a NAT/DHCP server and forwards the right ports. Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MiTMed.
3.) Victim is being served a realistic router config-looking page. wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests. As soon as the victim requests a page from the Internet, wifiphisher will respond with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.
Here is a diagram of the above:
official page:
This link is hidden for visitors. Please Log in or register now.