Do you need to get a Wi-Fi password but don't have the time to crack it? In previous tutorials, I have shown how to crack WEP, WPA2, and WPS, but some people have complained that cracking WPA2 takes too long and that not all access points have WPS enabled (even though quite a few do). To help out in these situations, I present to you an almost surefire way to get a Wi-Fi password without cracking—Wifiphisher.
Steps in the Wifiphisher Strategy
The idea here is to create an evil twin AP, then de-authenticate or DoS the user from their real AP. When they re-authenticate to your fake AP with the same SSID, they will see a legitimate-looking webpage that requests their password because of a "firmware upgrade." When they provide their password, you capture it and then allow them to use the evil twin as their AP, so they don't suspect a thing. Brilliant!
To sum up, Wifiphisher takes the following steps:
- De-authenticate the user from their legitimate AP.
- Allow the user to authenticate to your evil twin.
- Offer a webpage to the user on a proxy that notifies them that a "firmware upgrade" has taken place, and that they need to authenticate again.
- The Wi-Fi password is passed to the hacker and the user continues to the web oblivious to what just happened.
Similar scripts have been around for awhile, such as Airsnarf, but this new Wifiphisher script is more sophisticated. In addition, you could always do this all manually, but now we have a script that automates the entire process. Recently, another script named Fluxion has also gained popularity as an alternative to Wifiphisher. You can check out this great guide on Fluxion if Wifiphisher isn't working for you.
To do this hack, you will need Kali Linux and two network wireless adapters, one of which must be capable of packet injection. You can use the tried and true AWUS036NHA, or check out our guide on picking the best wireless network adapterfor Kali Linux.
No comments:
Post a Comment