Hello Everyone:I would like to share how to setup an Evil Twin Access Point.
Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5In other Linux like UBUNTU you need to install the following dependencies:
WiFi Adapter: TP-LINK TL-WN722N
- Python 2.7
- I use these on my presentation and demo using 2PCSS.Note:
If you are using VMWARE you can bridge the connection, Connect your OS to through WIFI, if you are using PURE Kali use one LAN for internet source and use the WIFI Adapter for FAKE AP
git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin ./installer.sh --installNote:
Use sudo or install in root access.
WIFI PumpkinWiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks.
- Rogue Wi-Fi Access Point
- Deauth Attack Clients AP
- Probe Request Monitor
- DHCP Starvation Attack
- Credentials Monitor
- Transparent Proxy
- Windows Update Attack
- Phishing Manager
- Partial Bypass HSTS protocol
- Support beef hook
- Mac Changer
- ARP Poison
- DNS Spoof
- Patch Binaries via MITM
Now, I would like to share the process how to Capture POST Credentials Request using WiFi-Pumpkin.
CAPTURE CREDENTIALS POSTStep 1:
We need to install follow instruction above. Step 2:
Just start using "sudo wifi-pumpkin" after installedStep 3:
Click Start -> View ->Credential NetCredsStep 4:
Capture LogsStep 4:
If the Victim connected and login to nont-httpsStep 5:
Viola, you get plain text credentials
This is for educational purpose and thank to the P0cL4bs TeamStay tuned and I will show you next the tutorial in bypassing HSTS.