Evil Twin Access Point | WiFI Pumpkin

Profile image for skyle17
October 6, 2016 | Views: 6694

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello Everyone:

I would like to share how to setup an Evil Twin Access Point.

Pre-requisite:

Operating System: Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5

In other Linux like UBUNTU you need to install the following dependencies:

  •     Python 2.7
  •     hostapd
  •     isc-dhcp-server
  •     php
  •     aircrack-ng
  •     dnsmasq

WiFi Adapter: TP-LINK TL-WN722N – I use these on my presentation and demo using 2PCSS.

Note: If you are using VMWARE you can bridge the connection, Connect your OS to through WIFI, if you are using PURE Kali use one LAN for internet source and use the WIFI Adapter for FAKE AP

 

Installation:

git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
 cd WiFi-Pumpkin
 ./installer.sh --install

Note: Use sudo or install in root access.

 

WIFI Pumpkin

WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks.

Features

  • Rogue Wi-Fi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Credentials Monitor
  • Transparent Proxy
  • Windows Update Attack
  • Phishing Manager
  • Partial Bypass HSTS protocol
  • Support beef hook
  • Mac Changer
  • ARP Poison
  • DNS Spoof
  • Patch Binaries via MITM

 

Now, I  would like to share the process how to Capture POST Credentials Request using WiFi-Pumpkin.

CAPTURE CREDENTIALS POST

Step 1: We need to install follow instruction above.

Step 2: Just start using “sudo wifi-pumpkin” after installed

start

Step 3: Click Start -> View ->Credential NetCreds

Step 4: Capture Logs
Capture Logs

Step 4: If the Victim connected and login to nont-https
Login

Step 5: Viola, you get plain text credentials
Gotcha

This is for educational purpose and thank to the P0cL4bs Team

Stay tuned and I will show you next the tutorial in bypassing HSTS.

 

 

 

Share and Earn Cybytes
FacebookTwitterGoogle+LinkedInEmail
Save
+1
7
17
Use Cybytes and
Tip the Author!
Join
Share and Earn
Cybytes
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
Be the Best at Whatever You Do.
We Have the Tools to Get You There.
Visit the NEW Marketplace of Over 500 Skill Enhancement Tools.
17 Comments
  1. I’m getting these errors… any ideas?
    root@kali:~/WiFi-Pumpkin# sudo wifi-pumpkin
    Traceback (most recent call last):
    File “wifi-pumpkin.py”, line 45, in
    from core.main import Initialize
    File “/usr/share/WiFi-Pumpkin/core/main.py”, line 31, in
    from core.widgets.tabmodels import (
    File “/usr/share/WiFi-Pumpkin/core/widgets/tabmodels.py”, line 7, in
    from core.utility.threads import ThreadPopen
    File “/usr/share/WiFi-Pumpkin/core/utility/threads.py”, line 19, in
    from core.servers.proxy.controller.handler import MasterHandler
    File “/usr/share/WiFi-Pumpkin/core/servers/proxy/controller/handler.py”, line 1, in
    from plugins.extension import *
    File “/usr/share/WiFi-Pumpkin/plugins/extension/beef.py”, line 2, in
    from mitmproxy.models import decoded
    ImportError: No module named mitmproxy.models

  2. i got a problem over here why its not showing me the AP its not detecting please help. The device supports AP still its not able to detect.

  3. i have problem after installin wifi-pupmkin

    [email protected]:~/WiFi-Pumpkin# sudo wifi-pumpkin
    [✘] hostapd is not installed.
    Traceback (most recent call last):
    File “wifi-pumpkin.py”, line 50, in
    from core.main import Initialize
    File “/usr/share/WiFi-Pumpkin/core/main.py”, line 55, in
    from netfilterqueue import NetfilterQueue
    ImportError: No module named netfilterqueue

    How can i solve it. Pls rply

  4. Very interesting. A technique increasingly used.

  5. very good post

Page 3 of 3«123
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar
Cybrary works best if you switch to our Android-friendly app
Continue

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel