Intro || Download || Changelog || Research || Sponsors

Changelog

Wifiphisher v1.4

Date: Jan 12, 2018

• Added dissociation frame to DEAUTH attack [@anakin1028]
• RSSI output fix [@anakin1028]
• Code quality fixes. [@blackHatMonkey]
• Introduced MAC address randomization [@anakin1028]
• Refactoring of interface management module [@blackHatMonkey]
• Introduced tox. [@blackHatMonkey]
• Added support for providing Internet to victim users via a wireless interface [@anakin1028]
• Tool now kills any interfering processes on startup [@anakin1028]
• Use curses everywhere for TUI [@anakin1028]
• Show the encryption type during AP discovery. [@sophron]
• Introduced Wifiphisher Extensions [@sophron]
• Introduced roguehostapd, a patched version of hostapd. [@anakin1028]
• Introduced WPA/WPA2 captured passphrase validation. [@anakin1028]
• Added WPS info during AP discovery. [@anakin1028]
• Added the option to perform DEAUTH attack based on ESSID [@anakin1028]
• Added operation moded [@sophron]
• Increased performance of modules [@blackHatMonkey]
• Made the tool run with only one physical interface [@anakin1028]
• Introduced --logging option [@blackHatMonkey]
• Introduced channel monitoring to check if target AP switches channel [@anakin1028]
• Introduced Known Beacons attack [@sophron]
• Introduced WPS PBC phishing attack [@anakin1028]

Wifiphisher v1.3

Date: Apr 15, 2017

• Introduced --quitonsuccess (-qS) option. [@javaes]
• Introduced Travis CI. [@d33tah]
• Install pylint in Travis. [@blackHatMonkey]
• Web server migration to Tornado. Fixes various bugs and increases performance. [@sophron]
• Remove DNS leases after the script restarts. [@laozi999]
• Introduced --internetinterface (-iI) option to provide Internet connectivity to victims. [@sophron]
• Added support for iOS and Android to our network manager imitation template. [@alexsalvetti]
• Introduced a new deauthentication module. [@blackHatMonkey]
• Introduced a new recon module, including new features in target AP selection phase. [@blackHatMonkey]
• Code refactoring including a more modular design. [@sophron]
• Introduced accesspoint module serving as a hostapd wrapper. [@sophron]
• Introducing Lure10, an attack for automatic association against Windows devices. [@sophron]

Wifiphisher v1.2

Date: Dec 5, 2016

• Web server now starts after DHCP [@sophron]
• Support logging of multiple POST values [@sophron]
• Include some ASCII art [@sophron]
• Introduced 'phishinghttp' module and fixed bugs on HTTP server [@sophron]
• Users may now interactively choose the scenario they wish [@blackHatMonkey]
• Included an impoved algorithm for detecting and using two of the available network interfaces. [@blackHatMonkey]
• Introduced --presharedkey option. Users may now create Evil Twin against password-protected networks. [@sophron]
• Introduced "Browser Plugin Update" scenario. [@V1V1]
• Packaged the project. Dependencies can now be automatically installed with setup.py. [@sophron]
• Added the feature to detect AP vendor based on BSSID. [@lvrach]
• Included template engine. [@lvrach]
• Fixed issues on Ubuntu. [@lvrach]
• Fixed issues on Arch Linux. [@gtklocker]
• Included PyRIC project. [@blackhatMonkey]
• Introduced --essid option. This will skip the AP selection phase. [@sophron]
• Introduced --nojamming option. This will turn off deauthentication. [@sophron]
• Introduced new OAuth template. [@sophron]
• Introduced new "Wi-Fi Connect" template. [@dionyziz]

Wifiphisher v1.1

Date: Jul 1, 2015

The actual first release of the tool happened on Jan 5 2015. Bugs have been tackled since then. I consider this a maintenance release (1.1) after the major release (1.0) that happened back then.

• Fixed compatibility with systems defaulting to python3. [@jaseg]
• Fixed bug with undefined variable (#7). [@yasoob]
• Fixed concatenation error. [@HassenPy]
• Code cleaning. [@yasoob]
• Added connection-reset template. [@shelt]
• PEP8 fixes [@HassenPy]
• Disallowed the usage of an Internet-connected interface for the Access Point as this would reset IP addressing. [@sophron]
• Fixed the bug with the empty password (#97). [@sophron]
• Code restructure. [@sophron]
• Catched exception when another process is listening to one of our ports. [@sophron]
• Output a message when hostapd cannot be installed. [@HassenPy]
• Added support for Pineapple's DD-WRT. [@tgalyean]