A musket team has rewritten the WPA2 phishing program initially produced by:

http://technicdynamic.com/2011/12/hacking-wpa-2-key-evil-twin-no-bruteforce
"All credit goes to their original work"

We have embedded a WPA Enterprise approach.
Altered Web page warnings
Easy loading of required information
Detailed setup info

You can download:

kaliphish.sh
verizon folder
enterprise folder
help files

A zip file kaliphish.zip with the above contents is available at:

http://www.axifile.com/en/C499791E65

When downloading axifile will assign a file named axifile.com-kaliphish.zip

Bring into view that which is hidden

MTA

First link is broken

First link is broken
http://technicdynamic.com/?p=369

A musket team has rewritten the WPA2 phishing program initially produced by:
<removed>
MTA

While thanks for the post and contribution, "A How to" usually means some detailed instructions along with an example. Also please fix the link in original post/How to, instead of making another post with a new link.

Dear blackMORE
The how to was so long that we attached it with the files in the download link. Furthermore there are web files and a long script that are needed to make the phishing program work. Forum rules do not allow us to show utube links to the original author but a little seaching with google and you will find links to the original. The axifile download link with the script file and web pages is still working. See the axifile link above, download the files, read and install and go fishing.

If you wish to reinstall your dnsmasq in Kali

Type
apt-get update && apt-get install -y linux-headers-$(uname -r)

When finished type

apt-get install dnsmasq

After completion you must rewrite your /etc/dnsmasq.conf. You need the following two(2) lines, see help files in download or overwrite the dnsmasq file with config file in download or manually enter two(2) lines as indicated below:

interface=at0
dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h

The Musket Team has refined this phishing attack. We have added a WPA module allowing you to mimic the Target AP at the beginning of the attack.

Using the WPA module in the attack requires monitoring the computer.

Attack sequence is as follows:

Setup a WPA encrypted rogueAP with same name.

RogueAP should have active clients associated. Use airodump-ng to monitor the client-targetAP state.

Choose a different channel at least three(3) channel numbers away from the targetAP to avoid mdk3 interference.

DOS the targetAP with an mdk3 –g or airdrop-ng.

Clients will try and access your WPA rogueAP but will be unable to, as the keys do not match. Airbase-ng running in the Eterm screen will show this activity.

With clients trying to associate to the rogueAP, shut the phish program down and retart.

Now choose the unencrypted rogueAP. And see if you get a bite.

Remember phishing requires pretty lures, guile, timing and some luck.


You can download new script file for free at:


http://www.axifile.com/en/92E92D240F


The script file is being rewritten to allow faster restart. When finished we will post here.

MTA

how to check it is running? :rolleyes:

The Musket Team has refined this phishing attack. We have added a WPA module allowing you to mimic the Target AP at the beginning of the attack.

Using the WPA module in the attack requires monitoring the computer.

Attack sequence is as follows:

Setup a WPA encrypted rogueAP with same name.

RogueAP should have active clients associated. Use airodump-ng to monitor the client-targetAP state.

Choose a different channel at least three(3) channel numbers away from the targetAP to avoid mdk3 interference.

DOS the targetAP with an mdk3 –g or airdrop-ng.

Clients will try and access your WPA rogueAP but will be unable to, as the keys do not match. Airbase-ng running in the Eterm screen will show this activity.

With clients trying to associate to the rogueAP, shut the phish program down and retart.

Now choose the unencrypted rogueAP. And see if you get a bite.

Remember phishing requires pretty lures, guile, timing and some luck.


You can download new script file for free at:


http://www.axifile.com/en/92E92D240F


The script file is being rewritten to allow faster restart. When finished we will post here.

MTA





i tried your script.

there was an error on the instructions

it should be dhcp-range not dhcprange nothing big but
what bothers me is
why does airbase crash when someone does connects to the ap?

First thanks for correcting us!

We have not run this script in a very long time as our efforts in phishing have been directed to WPA Phishing with pwnstar9.0. Except for WPA Enterprise we suggest you download our pwnstar9.0mv program. This is written specifically for WPA phishing. Links are found in aircrack-ng and kali forums

The best Phishing program for WPA Enterprise is a weaknet version. We have a download our version in the aircrack-ng forums and you can load Weaknet 4 on a usb flashdrive. The methods to install the weaknet program to a usb flash drive can be found again in the weakerthan web site.

As to why airbase-ng crashes at this time are unknown - previously the program ran fine.

If you tell us what you are trying to do we will provide what advice we can.

MTB