MITM – Hacking With WiFi-Pumpkin

December 30, 2016 | Views: 34486


Hi, welcome to this tutorial on “man in the middle” hacking with WiFi-Pumpkin.

This tutorial will show you how to get user credentials (social media credentials) using a tool called WiFi-Pumpkin on ParrotSec with a custom fake login page. The following hack has been tested with ParrotSec (a Linux operating system for pentesting) and the WiFi-Pumpkin tool. You can also use Kali as the operating system for this hack.

Here are the links for Parrotsec and Wifi-Pumpkin

Besides the application, you also need to make sure that you have an external wifi card that supports AP (access point) mode. I would recommend the TP-Link WN722N. This wifi card has been proven to work with all sorts of wifi attacks. So, for example, if you are performing this attack at a “Starbucks”, your internal wifi card will be connected to their wifi and your external card will be used for the attack as the rogue AP.

What this tutorial will not cover is the installation process of ParrotSec OS or Kali Linux. Please find the installation documentation at their respective websites. ParrotSec can be installed in VMware or as the main operating system. The choice is entirely up to you. Please note that you must have some knowledge of VMware and the Linux operating system.

I will assume you have either Kali or ParrotSec running. Next, we need to install WiFi-Pumpkin. The installation for this tool is really straightforward. Type these commands in your terminal:

 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
 cd WiFi-Pumpkin
 ./installer.sh --install

If you do run into some errors while installing, please refer to their website for a solution. The reason for an incomplete installation could just be that your Linux is missing some of its dependencies.
Once the installation process completes, run it at the terminal with “sudo wifi-pumpkin”. A beautiful GUI application pops up. All your hacking is done right here. You don’t need to open any other terminal and run painstaking commands to make it work.

WiFi-Pumpkin comes with loads of modules and plugins. For this specific tutorial, I will be concentrating on the Rogue AP, the Phishing Manager module and the DNS Spoof module.
Before we start hacking with this awesome tool, there are a few more things that we need to do. First, we need to download the custom fake-portal from fake-portal. Download and unzip the files to your web server folder, which is normally under /var/www or /var/www/html.

Next, we need to make sure our MySQL has the right database and tables to reflect the fake-portal. MySQL and Apache usually come pre-installed in Kali and ParrotSec. If not, you can follow the installation procedure on my fake-portal link.

Open a terminal and type “mysql -u root”; you will now be in the MySQL console. Next, we need to create a database, so type “create database rogue_AP;” and press Enter. The name rogue_AP can be anything you want; just make sure you write it down somewhere for later use. We then need to switch to the database which we just created, so type “use rogue_AP;”. Next, we need to create the correct table, so type “create table social_login(socialn varchar(64), email varchar(64), userpassword varchar(64));”.
That’s it for the MySQL setup; just make sure you run the above commands without the double quotes. Next, we need to edit a file which we unzipped to /var/www/html. Open up the file named “dbconnect.php” and edit this part:

$host = "localhost";                 // this is normally localhost
$username = "your mysql username";   // your MySQL username, default is root
$password = "your mysql password";   // your MySQL password
$db_name = "rogue_AP";               // the database name which you created
$tbl_name = "social_login";          // leave this as default

Once done, restart MySQL with this command: “sudo /etc/init.d/mysql restart”

*Please note if you have not set your MySQL root password, please set it first. You can follow this guide to set it up.

https://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/

A brief introduction on WiFi-Pumpkin

WiFi-Pumpkin is basically an MITM tool. The victim will connect to the rogue AP and, once connected, will see a fake portal. In this fake portal the victim will be tricked into logging in with their social media accounts in order to use so-called “free internet”.

Take note that this database does not in any way connect to the actual social media sites, hence there is no way to verify whether the captured credentials are real or not. The only way to verify is to use the captured credentials to log in to the respective social media accounts.

Now that everything is set up and ready to go, launch wifi-pumpkin. In the “settings” menu, set your “Gateway” IP address (your router IP) and set the “SSID” name to whatever you like, for example, “starbucks”. Choose your available network adapter, wlan0 or wlan1. Set the class IP range address. If your current network uses a class C range, then make sure the range you select is not the same as your current network range. Save settings.

Under the “plugins” menu, untick “enable proxy server”. Start the access point by clicking Start. Next, go to “modules” and select “phishing manager”; under options, select “set directory”. Set the IP address to 10.0.0.1.
“SetEnv Path” will be the fake portal files which you unzipped to /var/www/html. Then start the server.

Next, go to “modules” and, under “DNS::spoof”, remove any URL in there by right-clicking and choosing clear all. Select “redirect traffic from all users”, and start the attack. Next, under “view”, select “monitor NetCreds” and click capture logs.
When a victim connects to the rogue AP, you will see the login credentials here, and also at the main panel under “activity-monitor”.
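
With the DNS spoof module redirecting all users to the portal (10.0.0.1 in this tutorial), a connected client sees unrelated hostnames resolve to one local address, and that is detectable. The Python check below is an added example, not part of the original tutorial or of WiFi-Pumpkin; the function names, thresholds and sample answers are constructed for illustration (the sample "public" addresses are documentation ranges).

```python
import ipaddress
from collections import Counter

# Ranges a public hostname should never resolve to (RFC 1918, link-local, loopback).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "127.0.0.0/8")]

# Constructed sample: A records a client recorded for unrelated hostnames.
CLEAN = {
    "example.com": ["203.0.113.10"],
    "example.org": ["198.51.100.7"],
    "example.net": ["192.0.2.44", "192.0.2.45"],
    "login.example": ["203.0.113.80"],
}
# Constructed sample: the same lookups behind a resolver that answers everything
# with the portal address used in this tutorial.
SPOOFED = {name: ["10.0.0.1"] for name in CLEAN}


def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)


def assess_dns_answers(answers, gateway=None, min_names=3, threshold=0.8):
    """answers maps hostname -> list of A-record strings seen by the client.

    Returns (verdict, dominant_ip) with verdict 'ok', 'suspicious' or 'spoofed'.
    """
    if len(answers) < min_names:
        return ("ok", None)              # too few samples to judge
    seen = Counter()                     # address -> number of hostnames using it
    for ips in answers.values():
        seen.update(set(ips))
    if not seen:
        return ("ok", None)              # nothing resolved at all
    dominant, hits = seen.most_common(1)[0]
    if hits / len(answers) < threshold:
        return ("ok", None)              # answers are spread out, as expected
    # Unrelated names collapsing onto one address means a wildcard answer.
    if is_local(dominant) or dominant == gateway:
        return ("spoofed", dominant)     # wildcard points at the local network/AP
    return ("suspicious", dominant)      # wildcard to a public host
```

A legitimate captive portal produces the same pattern before sign-in, so treat a "spoofed" verdict as a reason not to type account credentials into whatever page the network serves rather than as proof of an attack.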

And that’s it! Once done, stop all servers. Use the captured credentials to try to log in to a social media account like Facebook or others, depending on what the victim selected under the fake portal.

WiFi-Pumpkin is an excellent tool for MITM and a well-maintained app compared to mana-toolkit or any other MITM app out there. Try out other plugins and modules in there and start learning and hacking!

Good Luck.


34 Comments
  1. After completing all steps, mobiles are connected but don't open any page or apps. It shows the network but could not open any page like Google. So how can a person go to an http site without opening Google? No person types the full URL like http://www.xyz.com. He only types in Google.

  2. After completing all settings and running wifi pumpkin, it does not open any https or other application like WhatsApp etc. It shows an error like “this site can’t be reached”. It only redirects http pages to the login page.

  3. hello bro pls post screen shot of this tutorial.

  4. Hi Guys

    I did all the steps and almost everything is working… but I can’t get the redirection from my phone. What could be happening? Should I enable Linux redirection or something? :/

    Regards

  5. Hi,

    I have followed your instructions to the letter twice. I can connect via another PC and phone, but it just allows me to go online without seeing the webpage to enter details.

    Have I missed something?
