Wifiphisher is a tool that I love using on a daily basis.It's simple, easy and great for beginners and professionals.
WHAT YOU NEED:
- Laptop with onboard or additional Wifi-Adapter
- 2x Wifi-Adapters (recommended)
- Targets (optional)
I had to buy myself an additional Wifi-Adapter to the onboard one I got on my Laptop. Make sure you buy a compatible (supports monitor mode) one because in the picture below the one by "Belkin" is not compatible and therefore useless with Wifiphisher.
INSTALLATION:First, open your Terminal and type "git clone https://github.com/wifiphisher/wifiphisher"then go over and open the Wifiphisher directory with "cd wifiphisher"just follow up with the command "sudo python setup.py install"now you should be able to open Wifiphisher by just typing "wifiphisher" in the Terminal. IN CASE OF ERROR:For some people, Matplotlib might be missing like you can see in the picture below.
to solve the problem just type in Terminal "sudo apt-get install matplotlib"and you should be ready to go. Using Wifiphisher with deAuth (2x Wifi-Adapters needed)1. So you open Wifiphisher by typing "wifiphisher" in the Terminal and you will be able to see the following window.
here you can choose which Wifi-Device you want to attack. I guess it is obvious which one we are going to attack in this example.P.S. Always make sure to attack connections with clients on it otherwise you will wait till the sun goes up again2. Here we have the 4 phishing options that we can use.
Choose depending on what device your target has and what you want to accomplish.- If you want to Phish the Wifi-Password options 1 & 2 are great especially option 2 supports mobile devices which are great in case your target uses a mobile phone to reconnect to the Internet.
- If you want to drop a payload on your targets device make sure to use option 3. This option falsifies a browser update and serves your target with a Payload instead.- If you want to phish Facebook LogIn information option 4 is the one to go with. It has a great template that looks almost tempting to use.
3. Now that you chose your option just wait until your target reconnects to the Fake-Wifi-Spot created by you. Since you sent him deAuth-Packages he has to reconnect in order to be able to use the Internet.
The moment your Target connects his information will be displayed to you...
Once the Target types in his/her Information those will be displayed to you in RED. Using Wifiphisher without deAuth (only Facebook-Phishing)Since we don´t have 2 Wifi-Adapters we can not send deAuth-Packages in order to FORCE your target off his router.This is a great tool for public places like a Starbucks or the library. Since people are always looking for "FREE" Internet they also become very vulnerable to Phishing.1. In this case, you can not start Wifiphisher by just typing in "wifiphisher" like previously.Type in the command "wifiphisher -nJ -e ANY_NAME-YOU_WANT" like in the picture below...
The -nJ stands for the NoJamming-Option which starts Wifiphisher without the intention to "Jam" any target at all. 2. Now selects Option 4. which is the Facebook-Phishing option and let the good times role. 3. The rest will be pretty much just as previously mentioned.
I hope you guys enjoyed it. Follow me on Facebook, Twitter, and my BloGThis is for educational purposes only. Following these actions is extreme illegal behavior and will be prosecuted. So ALWAYS use a "LAB" environment or have the legal authority to follow these actions. I am not legally liable for any of your behavior.