WiFiPhisher – An Automated Phishing Tool for Secured WiFi Networks
A new security tool that helps attack secured WiFi networks has just been released on GitHub, the tool helps automate phishing attacks over a WPA or secured wireless network.
The tool released Sunday, dubbed WiFiPhisher, jams WiFi access points with injecting deauthentication packets, then mimicking the WiFi access point with a phony WPA login page.
Greek security researcher, George Chatzisofroniou, publicly released the tool yesterday, writing, “it’s a social engineering attack that does not use brute forcing in contrast to other methods. It’s an easy way to get WPA passwords.”
There are several different and notable methods to attack secure WiFi networks, WiFiPhiser automates several WiFi hacking methods, making its approach slightly different from traditional attacks.
WiFiPhiser runs on Kali Linux and requires two wireless network interfaces, with one being capable of injections, Chatzisofroniou wrote in the ReadMe details accompanying the WiFiPhiser tool.
WiFiPhiser uses and “Evil Twin” type attack, first creating a phony wireless access point, which is common in wireless hacking. The tool then disguises itself as the legitimate wireless network. After it appears as the network, the tool then directs a denial of service (DoS) attack against the legitimate wireless access point, or creates an RF interference around the network jamming and disconnecting all wireless devices connected at that time.
Users, unsuspecting, will begin searching for the WiFi network name, once again connecting to the access point, or the wireless device will once again connect to the evil twin, allowing hackers to intercept traffic, packets and more.
Chatzisofroniou said wifiphisher can also setup a NAT and DHCP server which can forward the right ports to unsuspecting victims.
The technique is similar or commonly referred to as WiFi phishing, honeypot access points, hotspotter, among other names. They generally make use of phony wireless network points with faulty login pages built to capture users WiFi credentials, network traffic, username and password logins, and to initiate man-in-the-middle attacks to sniff traffic.
After WiFiPhiser knocks the real network offline, as soon as users request another webpage they will be prompted with a realistic looking login page.
“Wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests,” Chatzisofroniou writes. “As soon as the victim requests a page from the Internet, wifiphisher will respond with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.”
If configured correctly, some Windows machines will warn the end user of promptly switching networks, noting it may be a style of attack and put their machine at risk. From that point forward, for the cybercriminal to gain access to their network traffic, the end user would have to physically ignore the warning, then searching and connecting to the faulty WiFi access point.
Chatzisofroniou is asking the community to help contribute to the tool, licensing it under Github allowing anyone to view and contribute freely to the tool. Users can visit Github, download and install the tool on their Kali Linux machine.
