Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Information Security Inc.
Wifiphisher
Information Security Confidential - Partner Use Only
Contents
2
• About Wifiphisher
• Requirements
• How it works
• Testing Environment
• Installing Wifiphisher
• Using Wifiphisher
• References
Information Security Confidential - Partner Use Only
About Wifiphisher
3
• Wifiphisher is a security tool that mounts automated victim-
customized phishing attacks against WiFi clients in order to obtain
credentials or infect the victims with malwares
Information Security Confidential - Partner Use Only
Requirements
4
• Kali Linux. Although people have made Wifiphisher work on other
distros, Kali Linux is the officially supported distribution, thus all
new features are primarily tested on this platform
Information Security Confidential - Partner Use Only
Requirements
5
• One wireless network adapter that supports AP & Monitor mode
and is capable of injection. For advanced mode, you need two
cards; one that supports AP mode and another that supports
Monitor mode
Information Security Confidential - Partner Use Only
How it works
6
• Victim is being deauthenticated from her access point. Wifiphisher
continuously jams all of the target access point's wifi devices
within range by forging “Deauthenticate” or “Disassociate” packets
to disrupt existing associations
• Victim joins a rogue access point
• Victim is being served a realistic
specially-customized phishing page
Information Security Confidential - Partner Use Only
Testing Environment
7
• Kali Linux 2017
Information Security Confidential - Partner Use Only
Installing Wifiphisher
8
• Installing Wifiphisher
Information Security Confidential - Partner Use Only
Using Wifiphisher
9
• Starting Wifiphisher
Information Security Confidential - Partner Use Only
Using Wifiphisher
10
• Finding APs
Information Security Confidential - Partner Use Only
Using Wifiphisher
11
• Copying the AP and choosing the phishing scenario
Information Security Confidential - Partner Use Only
Using Wifiphisher
12
• Starting the fake AP
Information Security Confidential - Partner Use Only
Using Wifiphisher
13
• Capturing WPA key
Information Security Confidential - Partner Use Only
References
14
• Kitploit
http://www.kitploit.com/2016/12/wifiphisher-v12-automated-victim.html
• Kali Linux 2017
https://www.kali.org/downloads/