It's imperative to bear in mind that proximity plays a pivotal role in the execution of these attacks. The closer one is to the targeted Wi-Fi network, the greater the likelihood of success when initiating such endeavours. Optimal effectiveness is achieved by positioning oneself in close proximity to the target, ensuring a superior transmission signal strength. The ultimate objective is to establish oneself as the preeminent transmitting source, thereby facilitating seamless connectivity for unsuspecting individuals.
To successfully execute this operation, it's imperative to possess two network cards endowed with injection capabilities, such as the Alfa or equivalent models. These cards enable the establishment of a bespoke AP, affording the operator the liberty to designate it with a chosen nomenclature. For instance, in the scenario where the target is identified as "CoffeeWiFi", the rogue access point should be configured to broadcast under the same appellation. One network card is designated for the deployment of the rogue access point, while the other is utilised for initiating a DoS assault against the authentic Wi-Fi connection.
Wifiphisher with AWUS036NH and AWUS036NHA network cards:
The utility of his tool lies in its exemption from the necessity of a 4-way handshake, rendering its deployment notably straightforward. However, a notable drawback is the reliance placed upon the accuracy of the victim's password input, as the absence of a corresponding handshake.cap file precludes the verification of the entered password. It's advisable, whenever feasible, to procure a 4-way handshake.cap file for enhanced operational efficacy.
1.- Ensure that you have two wireless network cards inserted into your Kali VM, and proceed to type in terminal:
Code: Select all
sudo airmon-ng check kill
sudo wifiphisher(It's recommended to employ the "check kill" command consistently prior to initiating any Wi-Fi attacks, as it serves as a prudent practice to adhere to on each occasion).
2.- On ocassion, certain Wi-Fi cards may exhibit a 0% power signal strength indication for the surrounding networks, a known anomaly associated with specific Alfa card models. Just disregard this discrepancy when encountered.
3.- Allow the tool to conduct an aerial scan for a few minutes to acquire comprehensive data. Once prepared, designate the Wi-Fi network you intend to focus on. Optimal targeting involves selecting Wi-Fi networks with superior signal strength and active client connections to maximise the efficacy of all subsequent attacks.
4.- Upon choosing the specific Wi-Fi network of interest, proceed to select the fourth option labelled "Firmware Upgrade Page".
5.- Subsequently, wifiphisher will proceed to de-authenticate all individuals currently linked to the designated network.
6.- Exercise patience for a duration of 1-3 minutes before assessing the targeted Wi-Fi network to ascertain the effectiveness of your endeavours. Following this interval, you should observe the authentic network's offline status, replaced by a replicated Wi-Fi network name offering an open connection for potential victims. At this juncture, success hinges upon individuals familiar with the password you're targeting connecting and inputting the requisite credentials.
7.- Upon the entry of the Wi-Fi password by the individuals, it shall be revealed within the terminal window where wifiphisher is operational, concurrently prompting the victims with an update interface. Subsequently, it's advisable to terminate this attack within a brief timeframe of 1-2 minutes post password capture to mitigate the risk of arousing suspicion.
8.- It's advisable to modify the default HTML files utilised by wifiphisher by substituting the "Netgear" files with those corresponding to the specific router being targeted, along with the requisite images. Delve into the tool's source code to locate the HTML files.
Should you wish to employ personalised phishing pages, type this command:
Code: Select all
sudo wifiphisher -pPD path_to_your_web_filesIt's essential to acknowledge that not all Wi-Fi routers are susceptible to a DoS attack.
During the testing phase, it's prudent to utilise either a mobile device or an additional laptop to establish a connection with the EvilTwin. This approach allows for a comprehensive understanding of the operational dynamics and the requisite actions for users. Following the testing process on a device, it's imperative to remove the network from said device's memory before conducting further assessments.