WiFi Security Test tool, mesh sharp –wifiphisher

Book review: Look at the official introduction, need 2 wireless network card support, one should be used to affect the user and normal hotspot connection, that is, Dos attack, and another can simulate a fake AP waiting for user access, this attack will be on the internet of things and smart home security products such as a great impact, Specifically see my article "Door magnetic alarm system crack conjecture"

Original address: http://www.freebuf.com/tools/55754.html

Disclaimer: The site provides security tools, procedures (methods) may be offensive, only for security research and teaching purposes, at your own risk!

Greek security researcher George Chatzisofroniou developed a WiFi security test tool called Wifiphisher, although there are many tools available online that can crack wireless networks, but Wifiphisher is different It does not need to use brute force attacks to get the user's wireless WiFi password. If you are interested, you can download it on GitHub for free.

wifiphisher principle

1. It will first create a fake wireless access point (AP) and disguise itself as a legitimate WiFi AP, and then to the legitimate wireless The access point (AP) launches a Dos attack, or creates an RF interference around it.

All in all, the idea is to have the user device disconnect from the original wireless connection so that the user can find a wireless network that is not available nearby so that it is possible to connect to a fake AP.

2. Once the user has disconnected the original legitimate wireless connection, then the user device will automatically reconnect to the forged AP manufactured by Wifiphisher. After a series of preparations, the attacker can hijack the network traffic on the target device.

This technique is also known as AP Phishing,wifi Phishing,hotspotter or Honeypot ap. These techniques are used to capture a user's WiFi password, credit card number, a man-in-the-middle attack, or an intrusion to a wireless host using a bogus access point fake login interface.

3. No matter what page the victim visits, Wifiphisher will provide the victim with a very realistic router configuration change interface, which is said to modify the router password due to router firmware update ...

Such as:

Because the tool could be exploited illegally by malicious attackers, it has been controversial. Currently Wifiphisher only supports Kali Linux systems.

Official: Https://github.com/sophron/wifiphisher

WiFi Security Test Tool, –wifiphisher (turn)