Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


WiFiPhisher Automated Phishing Attacks Against Wi-Fi Networks

  • Please log in to reply
1 reply to this topic

#1 NickAu


    Bleepin' Fish Doctor

  • Moderator
  • 13,832 posts
  • Gender:Male
  • Location: Australia
  • Local time:05:53 PM

Posted 05 January 2015 - 08:51 PM


A Greek security researcher, named George Chatzisofroniou, has developed a WiFi social engineering tool that is designed to steal credentials from users of secure Wi-Fi networks.
The tool, dubbed WiFiPhisher, has been released on the software development website GitHub on Sunday and is freely available for users.
"It's a social engineering attack that does not use brute forcing in contrast to other methods. It's an easy way to get WPA passwords," said George Chatzisofroniou.
However, there are several hacking tools available on the Internet that can hack a secure Wi-Fi network, but this tool automates multiple Wi-Fi hacking techniques which make it slightly different from others.
WiFiPhisher tool uses "Evil Twin" attack scenario. Same as Evil Twin, the tool first creates a phony wireless Access Point (AP) masquerade itself as the legitimate Wi-Fi AP. It then directs a denial of service (DoS) attack against the legitimate Wi-Fi access point, or creates RF interference around it that disconnects wireless users of the connection and and prompts users to inspect available networks.

Once disconnected from the legitimate Wi-Fi access point, the tool then force offline computers and devices to automatically re-connects to the evil twin, allowing the hacker to intercept all the traffic to that device.
The technique is also known as AP Phishing, Wi-Fi Phishing, Hotspotter, or Honeypot AP. These kind of attacks make use of phony access points with faked login pages to capture users’ Wi-Fi credentials, credit card numbers, launch man-in-the-middle attacks, or infect wireless hosts.


WiFiPhisher — Automated Phishing Attacks Against Wi-Fi Networks





BC AdBot (Login to Remove)


#2 CaveDweller2


  • Members
  • 2,629 posts
  • Gender:Male
  • Local time:02:53 AM

Posted 05 January 2015 - 10:16 PM

Is it wrong that as I was reading that I thought "Holy crap that is awesome" ? Also, I just so happen to run a VM of Kali hehehe

Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users