The Greek security expert George Chatzisofroniou has developed WiFiPhisher, a WiFi social engineering tool that allows an attacker to steal credentials from users of secure WiFi networks.
WiFiPhisher is available for download on the software development website GitHub.
“Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.” states George Chatzisofroniou.
Wifiphisher run on Kali Linux and is licensed under the MIT license.
Wifiphisher is a tool that implements many of the known Wi-Fi hacking techniques by automating the attack scenario. WiFiPhisher relies on the “Evil Twin” attack, the attacker set up a bogus Wi-Fi access point, purporting to provide wireless Internet services, but eavesdropping the user’s traffic.
The bogus Access Point is used to serve to the users in the network faked login pages to steal their Wi-Fi credentials and other sensitive data. The attack scenario could be exploited to run man-in-the-middle attacks or to serve malware to the computers in the targeted network.
Wifiphisher tool first creates a phony wireless Access Point (AP) masquerade itself as the legitimate then to decouple users from the legitimate Wi-Fi Access Point run a denial of service (DoS) attack against the legitimate Wi-Fi access point, or exploit RF interference to force disconnection of the users from it, and prompts users to inspect available networks.
Once disconnected from users from the legitimate Wi-Fi access point, Wifiphisher forces offline the devices in the network and automatically re-connects them to the evil twin, which is used to spy on the traffic.
The WifiPhisher is very effective in the theft of user’s credentials, when the victim request a web page the tool will serve the victim a fake router configuration page, similar the original one, that will demand for WPA password confirmation due to a router firmware upgrade.
The WifiPhisher tool would not be possible to set up a fake access point without a password, this aspect is raising some doubts about its effectiveness.
“The tool is actually creating a second, unencrypted network. On Windows it will give you a warning that the configuration of the network has changed. On Android you’d have to manually reconnect to the unencrypted network. So their method doesn’t automatically perform a man-in-the-middle attack,” said a Reddit user.
(Security Affairs – WifiPhisher, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.