Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.
This site aims to provide with resources regarding the tool usage and the ongoing research. The most important changes (features, bugfixes etc) in each Wifiphisher version are described on the Changelog. Using Wifiphisher is covered on the Documentation Guide.
Happy phishing! :)
Wifiphisher v1.4 is out!
It has been more than nine months since the Wifiphisher 1.3 release and I'm very pleased to announce a new release for you to enjoy! This is the biggest release that we had so far and it includes many improvements, performance enhancements and bug fixes.The most important changes in Wifiphisher v1.4 are:
- Known Beacons Attack. Wifiphisher already comes with different Wi-Fi automatic association attacks (including KARMA and Lure10). Known Beacons is our new technique that forces wireless clients to unknowingly connect to an attacker-controlled Access Point by broadcasting dozens of known beacon frames. Almost all modern network managers are affected. For more information on this attack go to the Research page and check the video of the 34C3 lightning talk.
- Roguehostapd. We forked and patched hostapd for more sophisticated attacks. Roguehostapd has its own repo on Github and provides Python bindings for easy interaction with the Wifiphisher core.
- Wifiphisher extensions. The modular design that we followed allows to developers to hack Wifiphisher by writing simple extensions in Python that interact with the tool's core. The extensions are executed in parallel with speed and efficiency. API documentation will be out shortly but for the impatient ones, you can have a look at our first five extensions under the "wifiphisher/extensions" directory.
This release wouldn't be possible without the amazing contributions of the Wifiphisher community. Thanks to everyone who helped and especially to Wifiphisher core developers Brian Smith and Anakin Tung.
Wifiphisher v1.3 (with Lure10 support) is out!
This new release includes the Lure10 attack, a novel way for associating automatically with any device that is within range running the latest Windows. A couple of days ago I gave a presentation at Hack In The Box security conference in Amsterdam disclosing the technical details of this attack. You can find the presentation material on the Research page.
We now have a dedicated repo for phishing scenarios here. If you have ever created a phishing scenario using Wifiphisher's template engine, you are welcome to share it with the rest of the community by sumitting a Pull Request there.
Enjoy the new release everyone!
33C3 Lightning talk: Efficient Wi-Fi Phishing
Happy new year everyone.
Last week I was happy to give a lightning talk at 33C3. You can find all the material from the talk on the Research page.
Wifiphisher v1.2 is out!
Date: 2016-12-05Wifiphisher v1.2 is finally out. The two biggest improvements include:
- Three new phishing scenarios:
- WiFi Connect - A novel way for obtaining a PSK of a password-protected Wi-Fi network even from the most advanced users by showing a web-based imitation of the OS network manager.
- OAuth Login - A scenario for capturing credentials from social networks, like Facebook.
- Plugin Update - A scenario for getting the victims to download malicious executables (e.g. malwares containing a reverse shell payload)
- A new template engine. Users may now easily create their own phishing scenario or customize the existing ones according to their needs. Our documentation guide covers this new feature in much detail.
I would like to thank all the community contributing to this release by writing code or reporting bugs. Special thanks to:
- Kostis Karantias
- Stergios Kolios
- Dale Patterson
- Brian Smith
- Leonidas Vrachnis
- Dionysis Zindros
Enjoy the release and if you find any bugs you are encouraged to report them on our Github page.