Image: Latest Hacking News

The security audit framework used to test the security of wifi against threats like the man in the middle attacks is known as Wifi Pumpkin. The tool generates fake access points to employ MITM attacks on wifi networks.

 The machine is capable of utilizing cyber-attacks, such as by developing fake/rogue access points, de-authenticating clients from access points, DHCP starvation attacks, Windows updates attacks, Karma attacks, DNS spoofing, and ARP poisoning. Moreover, Wifi Pumpkin carries the potentiality of phishing, credentials monitoring, and capturing images on the fly.

Wifi Pumpkin is operated by the support of Kali Linux, Parrot OS, Pentoo, and Ubuntu. By cloning the framework from GitHub and running the installer as shown in the following commands Wifi Pumpkin can be installed.

git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
cd WiFi-Pumpkin
chmod +x installer.sh
sudo ./installer.sh --install

Wifi Pumpkin requires the following software to operate.

  • hostapd
  • is-DHCP-server
  • php5-cli
  • rfkill
  • iptables
  • nmcli

Isc-DHCP-server and php5-cli are optional. The dependencies can be installed by running the requirements.txt file as follows.

pip install –r requirements.txt

How Wifi Pumpkin Works

There are many ways to use Wifi Pumpkin. For demonstration purpose, we are going to develop a rogue access point where anyone can join without requiring any credentials. To make wifi access point Wifi Pumpkin needed Ethernet and wifi adapter. Run the following command to check the available wifi interface.

iwconfig

In most of the cases, it is wlan0.  The next step is to launch the Wifi Pumpkin. Operate the following command to release the Wifi Pumpkin interface.

wifi-pumpkin

If that does not perform, run the same command with sudo option i-e

sudo wifi-pumpkin

After opening the Wifi Pumpkin interface, go to the plugins tab to choose the desired plugins for auditing or simulating the wifi attack.

After that, you need to configure the access point from the settings tab. The settings tab provides various configurations to adapt, such as Access Point setting (configuring SSID and BSSID, choosing the network adapter), activity monitor setting, and DHCP setting.  The settings tab doesn’t have an option of enabling wireless security. Keep it unchecked for creating rogue access point without any credentials.

Once you are done with the setting, press the start button to allow the access point to broadcast the free wifi in the vicinity.  Wifi Pumpkin has an activity monitoring window that records all the traffic of the users who are connected with the rogue access point.

Source: Click Here

Previous articleKnow The Financial Procedure For Buying Bikes In NADA 2018
Next articleApple Brings Dual Sim IPhone
Mina Aryal
http://ictframe.com/
Mina Aryal is a Nepali tech journalist and media expert. She is currently the chief editor of ICT Frame, a leading online tech media outlet in Nepal that covers topics such as technology, business, and entrepreneurship. Aryal has been involved in the field of tech journalism for over a decade and has covered various topics such as internet governance, cybersecurity, e-commerce, and startup ecosystems. She has also been involved in organizing and promoting tech events in Nepal to bring together tech enthusiasts, entrepreneurs, and investors to discuss and collaborate on various topics related to the tech industry. Aryal is considered one of the most influential tech journalists in Nepal and has been recognized for her contributions to the field.

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here