This tool creates a rogue Wi-Fi hotspot, ostensibly to provide wireless Internet services, but actually monitors traffic.
Dependencies:
- Python 2.7
Installation:
CODE:Copy to clipboard
git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
cd WiFi-Pumpkin
./installer.sh --install
or download the .deb file to install:
CODE:Copy to clipboard
sudo dpkg -i wifi-pumpkin-0.8.5-all.deb
sudo apt-get -f install
Capabilities:
- Fraudulent WI-FI hotspot
- Disabling AP Clients
- Traffic monitoring
- DHCP starvation attack
- Credential Monitoring
- Invisible Proxy
- Windows Update Attack
- Phishing
- Partial bypass of the HSTS protocol
- beef hook support
- "Poisoning" ARP
- DNS spoofing
- Patch binaries with MITM
- Karma attacks (hostapd-mana support)
- LLMNR, NBT-NS and MDNS "poisoning"
- Pumpkin-Proxy (ProxyServer (mitmproxy API))
- Capturing an image on the fly
- TCP-Proxy (with scapy)
linset is an Evil Twin Attack bash script.
Installing and running linset
This program has a number of dependencies. Some of the components necessary for it are already present in Kali Linux (or you installed them for other programs). But some need to be installed first. For Kali, these are the following packages:
CODE:Copy to clipboard
apt-get install isc-dhcp-server lighttpd macchanger php5-cgi macchanger-gtk
On other distributions, you may need to install additional programs. linset at startup will check for itself what is installed and what is not and displays the corresponding list.
Further as usual:
CODE:Copy to clipboard
cd ~/opt
git clone https://github.com/vk496/linset
cd linset
chmod +x linset ./linset
How linset works
- Scans networks
- Selects a network
- Captures a handshake (can be used without a handshake)
- We can choose from several web interfaces
- A fake TD is made to mimic the original
- A DHCP server is created on the fake AP
- A DNS server is created to redirect all requests to the Host
- Starts the web server with the selected interface
- The mechanism for checking the validity of passwords that have been entered is launched
- Deauthentication of all network users, in the hope that someone will connect to a fake AP
- The attack will stop as soon as the verification reveals the correct password