The Greek security expert George Chatzisofroniou has developed WiFiPhisher, a WiFi social engineering tool that allows an attacker to steal credentials from users of secure WiFi networks.
WiFiPhisher is available for download on the software development website GitHub.
“Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.” states George Chatzisofroniou.
Wifiphisher run on Kali Linux and is licensed under the MIT license.
Wifiphisher is a tool that implements many of the known Wi-Fi hacking techniques by automating the attack scenario. WiFiPhisher relies on the “Evil Twin” attack, the attacker set up a bogus Wi-Fi access point, purporting to provide wireless Internet services, but eavesdropping the user’s traffic.
The bogus Access Point is used to serve to the users in the network faked login pages to steal their Wi-Fi credentials and other sensitive data. The attack scenario could be exploited to run man-in-the-middle attacks or to serve malware to the computers in the targeted network.
Wifiphisher tool first creates a phony wireless Access Point (AP) masquerade itself as the legitimate then to decouple users from the legitimate Wi-Fi Access Point run a denial of service (DoS) attack against the legitimate Wi-Fi access point, or exploit RF interference to force disconnection of the users from it, and prompts users to inspect available networks.
Once disconnected from users from the legitimate Wi-Fi access point, Wifiphisher forces offline the devices in the network and automatically re-connects them to the evil twin, which is used to spy on the traffic.
The WifiPhisher is very effective in the theft of user’s credentials, when the victim request a web page the tool will serve the victim a fake router configuration page, similar the original one, that will demand for WPA password confirmation due to a router firmware upgrade.
The WifiPhisher tool would not be possible to set up a fake access point without a password, this aspect is raising some doubts about its effectiveness.
“The tool is actually creating a second, unencrypted network. On Windows it will give you a warning that the configuration of the network has changed. On Android you’d have to manually reconnect to the unencrypted network. So their method doesn’t automatically perform a man-in-the-middle attack,” said a Reddit user.
(Security Affairs – WifiPhisher, hacking)