Free Tool Automates Phishing Attacks to Steal WiFi Passwords

By Ionut Ilascu    6 Jan 2015, 00:08 GMT

A security engineer released a tool that makes stealing the password for a WiFi network easier, by serving the victim a phishing page for typing in the secret key.
Called Wifiphisher, the utility has been created by George Chatzisofroniou and it is intended for penetration testing purposes, but it can also be used by an attacker.
Victims are forced to connect to a rogue router
The attack has three stages and begins by scanning the area for the targeted network and impersonating it; then it knocks the victim off the connection by throwing deauth packets to both the access point and the client.

Once this is done, Wifiphisher provides the victim access to the rogue access point that mimics the real one.

For this, the attacker needs to know the type of device the client connects to; this is not difficult to find out and it can be done based on the signature emitted by the device. Several free tools, including for mobile devices, are available, providing this type of information without the need to connect to the router.

According to the security engineer, the tool “also sets up a NAT/DHCP server and forwards the right ports. Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MiTMed [man-in-the-middle attack].”
No brute-forcing is required
The third phase of the attack consists in serving the victim the phishing page to enter the password for the legitimate WiFi connection, which actually lands in the hands of the attacker.

Wifiphisher includes a basic web server that is able to respond to both HTTP and HTTPS requests, thus allowing the delivery of the rogue web page when the client tries to access the web.

To eliminate suspicions, Chatzisofroniou said in the description of the tool that the page could pretend to be the result of a router firmware update alert that requires the password to the WiFi connection.

The tool has been designed to work on Kali Linux, an operating system based on Debian that is mostly used by penetration testers and in digital forensics activities.

The OS can also be used to run Metasploit, a framework for developing exploit modules, as well as executing them to assess the vulnerability level of a machine or network.

By relying on social engineering tactics, Wifiphisher basically eliminates the need to resort to brute-forcing in order to get the password.

Tags: , ,

Comments are closed.

%d bloggers like this: