MITM - Hacking With WiFi-Pumpkin

By: Jeret Christopher
December 30, 2016
Hi, welcome to the "man in the middle" hacking with Wifi-Pumpkin tutorial.

This tutorial will show you how to get user credentials (social media credentials) using a tool called Wifi-Pumpkin on ParrotSec with a custom fake login page. The following hacks have been tested on ParrotSec (a Linux operating system for pentesting) with the Wifi-Pumpkin tool. You can also use Kali OS as the operating system for this hack to work.

Here are the links for ParrotSec and Wifi-Pumpkin.

Besides the application, you also need to make sure that you have an external wifi card that supports AP (access point) mode. I would recommend the TP-Link WN722N. This wifi card has been proven to work with all sorts of wifi attacks. So, for example, if you are performing this attack at a "Starbucks", your internal wifi card will be connected to their wifi and your external card will be used for the attack as the rogue AP.

What this tutorial will not cover is the installation process of ParrotSec OS or Kali Linux OS. Please find the installation documentation at their respective websites. ParrotSec can be installed in VMware or as the main operating system. The choice is entirely up to you. Please note that you must have some knowledge of VMware and the Linux operating system.

I will assume you have either Kali or ParrotSec running. Next, we need to install Wifi-Pumpkin. The installation for this tool is really straightforward. Type these commands in your terminal:

    git clone
    cd WiFi-Pumpkin
    ./ --install

If you do run into some errors while installing, please refer to their website for a solution. The reason for an incomplete installation could just be that your Linux is missing some of its dependencies.

Once the installation process completes, run it from the terminal with "sudo wifi-pumpkin". A beautiful GUI application pops up. All your hacking is done right here.
You don't need to open any other terminal and run painstaking commands to make it work.

Wifi-Pumpkin comes with loads of modules and plugins. For this specific tutorial, I will be concentrating on the Rogue AP, the Phishing Manager module and the DNS Spoof module.

Before we start hacking with this awesome tool, there are a few more things that we need to do. We need to download the custom fake-portal from fake-portal. Download and unzip the files to your web server folder, which is normally /var/www or /var/www/html.

Next, we need to make sure our MySQL has the right database and tables to reflect the fake-portal. MySQL and Apache usually come pre-installed on Kali and ParrotSec. If not, you can follow the installation procedure on my fake-portal link.

Open a terminal and type "mysql -u root"; now you will be in the MySQL console. Next, we need to create a database, so type "create database rogue_AP;" and press enter. The name rogue_AP can be anything you want. Just make sure you write it down somewhere for later use. We need to switch to the database which we just created, so type "use rogue_AP;". Next, we need to create the correct table, so type "create table social_login(socialn varchar(64), email varchar(64), userpassword varchar(64));". That's it for the MySQL setup; just make sure you run the above commands without the "double quotes".

Next, we need to edit a file which we unzipped to /var/www/html. Open up the file named "dbconnect.php" and edit this part:

    $host="localhost";                  (this is normally localhost)
    $username="your mysql username";    (your MySQL username, default is root)
    $password="your mysql password";    (your MySQL password)
    $db_name="rogue_AP";                (the database name which you created)
    $tbl_name="social_login";           (leave this as default)

Once done, restart MySQL with this command: "sudo /etc/init.d/mysql restart".

*Please note: if you have not set your MySQL root password, please set it first. You can follow this guide to set it up.
Brief introduction to WiFi-Pumpkin

Wifi-Pumpkin is basically an MITM tool. The victim connects to the rogue AP and, once connected, sees a fake portal. In this fake portal the victim is tricked into logging in with their social media accounts in order to use the so-called "free internet". Take note that this database does not in any way connect to the actual social media sites, hence there is no way to verify whether the captured credentials are real or not. The only way to verify is to take the captured credentials and use them to log in to the respective social media accounts.

Now that everything is set up and ready to go, launch Wifi-Pumpkin. In the "settings" menu set your "Gateway" IP address (your router IP) and set the "SSID" name to whatever you like, for example "starbucks". Choose your available network adapter, wlan0 or wlan1. Set the class IP range address. If your current network uses a class C range, then make sure the range you select is not the same as your current network range. Save the settings.

Under the "plugins" menu untick "enable proxy server". Start the access point by clicking Start. Next, go to "modules" and select "phishing manager"; under options select "set directory". Set the IP address; "SetEnv Path" will be the fake portal files which you unzipped to /var/www/html. Start the server.

Next, go to "modules" and under "DNS::spoof" remove any URL in there by right-clicking and choosing clear all. Select "redirect traffic from all users" and start the attack. Next, under "view" select "monitor NetCreds" and click "capture logs".

When a victim connects to the rogue AP, you will see the login credentials here, and also at the main panel under "activity-monitor".

And that's it! Once done, stop all servers. Use the captured credentials to try to log in to a social media account like Facebook or others, depending on what the victim selected under the fake portal.

Wifi-Pumpkin is an excellent tool for MITM and a well-maintained app compared to mana-toolkit or any other MITM app out there.
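The attack described above leaves two signals a defender or a client can look for: a second access point advertising a known SSID (the "starbucks" evil twin, often open where the real network is encrypted), and DNS answers that send public sites such as Facebook into the rogue AP's private address range. The following is an added example written for this page, not code from the Wifi-Pumpkin project; the scan records, the allow-list of known BSSIDs and the DNS answers are constructed sample data, and the function names are my own.

```python
"""Defender-side checks for the two behaviours the rogue-AP setup above relies on:
an evil-twin access point borrowing a known SSID, and DNS answers that steer
public hostnames into the rogue AP's private address range.
Added example, not part of the WiFi-Pumpkin project; all data below is constructed."""
import ipaddress
from collections import defaultdict

# Constructed scan records as a wireless scanner would report them:
# (ssid, bssid, channel, security). The second "starbucks" entry is the twin.
SCAN = [
    ("starbucks", "00:11:22:33:44:55", 6, "WPA2"),
    ("starbucks", "66:77:88:99:aa:bb", 11, "OPEN"),
    ("homenet", "cc:dd:ee:ff:00:11", 1, "WPA2"),
]

# Constructed allow-list: BSSIDs an operator has enrolled for each managed SSID.
KNOWN_BSSIDS = {"starbucks": {"00:11:22:33:44:55"}}


def find_evil_twins(scan, known):
    """Return (ssid, unknown_bssids, security_types) for every SSID that is
    advertised by a BSSID outside the allow-list, or that is seen both
    encrypted and open at the same time (a common rogue AP tell)."""
    by_ssid = defaultdict(list)
    for ssid, bssid, channel, security in scan:
        by_ssid[ssid].append((bssid, channel, security))
    findings = []
    for ssid, aps in by_ssid.items():
        unknown = [b for b, _, _ in aps if ssid in known and b not in known[ssid]]
        securities = {s for _, _, s in aps}
        if unknown or (len(securities) > 1 and "OPEN" in securities):
            findings.append((ssid, sorted(unknown), sorted(securities)))
    return findings


# Public login hosts a client expects to resolve to globally routable addresses.
PUBLIC_HOSTS = ["facebook.com", "accounts.google.com"]

# Constructed DNS answers as a client on the rogue AP would receive them:
# the social sites point at the AP's own address, an unrelated site does not.
DNS_ANSWERS = {
    "facebook.com": "192.168.7.1",
    "accounts.google.com": "192.168.7.1",
    "example.org": "93.184.216.34",
}


def spoofed_public_hosts(answers, public_hosts):
    """Return (host, address) pairs where a public hostname resolved to a
    private, loopback or link-local address, which only a local DNS spoof
    or captive portal would produce."""
    hits = []
    for host in public_hosts:
        addr = answers.get(host)
        if addr is None:
            continue
        ip = ipaddress.ip_address(addr)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            hits.append((host, addr))
    return hits


if __name__ == "__main__":
    for ssid, unknown, secs in find_evil_twins(SCAN, KNOWN_BSSIDS):
        print(f"possible evil twin for {ssid!r}: unknown BSSIDs {unknown}, security seen {secs}")
    for host, addr in spoofed_public_hosts(DNS_ANSWERS, PUBLIC_HOSTS):
        print(f"{host} resolved to non-global address {addr}: DNS spoof or captive portal")
```

In practice the scan records would come from a wireless IDS or a periodic scan on a sensor, and the DNS answers from the client's resolver; the checks themselves stay the same. A legitimate captive portal also trips the second check, so treat a hit as a reason not to enter credentials until the network has been identified, not as proof of an attack.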
Try out the other plugins and modules in there and start learning and hacking!

Good luck.
