Results 1 to 10 of 10

Thread: WPA2 and WPA Enterprise phishing program for kali-linux available here

  1. #1
    Join Date
    2013-Jul
    Posts
    841

    WPA2 and WPA Enterprise phishing program for kali-linux available here

    A musket team has rewritten the WPA2 phishing program initially produced by:

    http://technicdynamic.com/2011/12/ha...-no-bruteforce
    "All credit goes to their original work"

    We have embedded a WPA Enterprise approach.
    Altered Web page warnings
    Easy loading of required information
    Detailed setup info

    You can download:

    kaliphish.sh
    verizon folder
    enterprise folder
    help files

    A zip file kaliphish.zip with the above contents is available at:

    http://www.axifile.com/en/C499791E65

    When downloading axifile will assign a file named axifile.com-kaliphish.zip

    Bring into view that which is hidden

    MTA

  2. #2
    Join Date
    2013-Apr
    Posts
    32
    First link is broken

  3. #3
    Join Date
    2013-Mar
    Location
    milano
    Posts
    301
    Quote Originally Posted by xxyxxyxx View Post
    First link is broken
    http://technicdynamic.com/?p=369

  4. #4
    Join Date
    2013-Jun
    Posts
    113
    Quote Originally Posted by mmusket33 View Post
    A musket team has rewritten the WPA2 phishing program initially produced by:
    <removed>
    MTA
    While thanks for the post and contribution, "A How to" usually means some detailed instructions along with an example. Also please fix the link in original post/How to, instead of making another post with a new link.

  5. #5
    Join Date
    2013-Jul
    Posts
    841
    Dear blackMORE
    The how to was so long that we attached it with the files in the download link. Furthermore there are web files and a long script that are needed to make the phishing program work. Forum rules do not allow us to show utube links to the original author but a little seaching with google and you will find links to the original. The axifile download link with the script file and web pages is still working. See the axifile link above, download the files, read and install and go fishing.

  6. #6
    Join Date
    2013-Jul
    Posts
    841
    If you wish to reinstall your dnsmasq in Kali

    Type
    apt-get update && apt-get install -y linux-headers-$(uname -r)

    When finished type

    apt-get install dnsmasq

    After completion you must rewrite your /etc/dnsmasq.conf. You need the following two(2) lines, see help files in download or overwrite the dnsmasq file with config file in download or manually enter two(2) lines as indicated below:

    interface=at0
    dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h

  7. #7
    Join Date
    2013-Jul
    Posts
    841
    The Musket Team has refined this phishing attack. We have added a WPA module allowing you to mimic the Target AP at the beginning of the attack.

    Using the WPA module in the attack requires monitoring the computer.

    Attack sequence is as follows:

    Setup a WPA encrypted rogueAP with same name.

    RogueAP should have active clients associated. Use airodump-ng to monitor the client-targetAP state.

    Choose a different channel at least three(3) channel numbers away from the targetAP to avoid mdk3 interference.

    DOS the targetAP with an mdk3 –g or airdrop-ng.

    Clients will try and access your WPA rogueAP but will be unable to, as the keys do not match. Airbase-ng running in the Eterm screen will show this activity.

    With clients trying to associate to the rogueAP, shut the phish program down and retart.

    Now choose the unencrypted rogueAP. And see if you get a bite.

    Remember phishing requires pretty lures, guile, timing and some luck.


    You can download new script file for free at:


    http://www.axifile.com/en/92E92D240F


    The script file is being rewritten to allow faster restart. When finished we will post here.

    MTA

  8. #8
    Join Date
    2013-Aug
    Posts
    19
    how to check it is running?

  9. #9
    Quote Originally Posted by mmusket33 View Post
    The Musket Team has refined this phishing attack. We have added a WPA module allowing you to mimic the Target AP at the beginning of the attack.

    Using the WPA module in the attack requires monitoring the computer.

    Attack sequence is as follows:

    Setup a WPA encrypted rogueAP with same name.

    RogueAP should have active clients associated. Use airodump-ng to monitor the client-targetAP state.

    Choose a different channel at least three(3) channel numbers away from the targetAP to avoid mdk3 interference.

    DOS the targetAP with an mdk3 –g or airdrop-ng.

    Clients will try and access your WPA rogueAP but will be unable to, as the keys do not match. Airbase-ng running in the Eterm screen will show this activity.

    With clients trying to associate to the rogueAP, shut the phish program down and retart.

    Now choose the unencrypted rogueAP. And see if you get a bite.

    Remember phishing requires pretty lures, guile, timing and some luck.


    You can download new script file for free at:


    http://www.axifile.com/en/92E92D240F


    The script file is being rewritten to allow faster restart. When finished we will post here.

    MTA




    i tried your script.

    there was an error on the instructions

    it should be dhcp-range not dhcprange nothing big but
    what bothers me is
    why does airbase crash when someone does connects to the ap?

  10. #10
    Join Date
    2013-Jul
    Posts
    841
    First thanks for correcting us!

    We have not run this script in a very long time as our efforts in phishing have been directed to WPA Phishing with pwnstar9.0. Except for WPA Enterprise we suggest you download our pwnstar9.0mv program. This is written specifically for WPA phishing. Links are found in aircrack-ng and kali forums

    The best Phishing program for WPA Enterprise is a weaknet version. We have a download our version in the aircrack-ng forums and you can load Weaknet 4 on a usb flashdrive. The methods to install the weaknet program to a usb flash drive can be found again in the weakerthan web site.

    As to why airbase-ng crashes at this time are unknown - previously the program ran fine.

    If you tell us what you are trying to do we will provide what advice we can.

    MTB

Similar Threads

  1. Replies: 1
    Last Post: 2017-10-13, 23:23

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •