Pwnstar9.0 for Kali-linux 2016R1-2 released for testing
Musket Teams have voted to release their latest field version of Pwnstar9 for WPA Phishing and Open Hotspots for community testing.
Script supports Kali 2016R1R2 only!
1. Complete control of most aspects of the Rogue AP process. Such as mac spoofing, channels, AP names of various components, 2nd wifi device options and all aspects of internet connection when access thru captive portal.
2. Passive and Active DOS processes all run from only one(1) wifi device supporting packet injection. Passive DDOS allows RogueAP Clones running parallel with Rogue AP and still supporting active DDOS when required.
3. 17 Web Page folders supporting dns spoof and captive portals for both Open Web Sites, WPA Phishing AND WPA Enterprise
4. MITMf and sslslip, sslslip+ and sslstrip are setup thru menu options as required by user.
5. WPA Downgrade added to active DDOS choices available.
6 HTTPS trap to avoid warning to phish
7. Options for use of two(2) wifi devices
You can download the zip which contains a lengthy help file.
Last edited by mmusket33; 2017-02-04 at 06:19 AM.
Replace two files in the webpage folder with these updates
Corrects a small flaw on right side of background
Update available at either address below
I just tried the tool on a fresh install of 2016R2. Using choice 9 a with captive portal and sniffing, I was able to get the captive portal to work fine, but the victim machine could not get past the captive portal for further credential sniffing. Every refresh of browser or attempt to go to other site resulted in captive portal page again. Any thoughts on what I am doing wrong or potential bug? Target was iOS device with safari.
To social cred
1. If you want to do credential sniffing not WPA Phishing suggest you use item 3. This being said tell us the following and we will run some tests and get back to you as we are currently working on new pages.
1. What web page did you use?
2. Reference the HTTPS trap feature which selection did you use?
In general to get past the portal phishing page you first must enter data requested by the page correctly. If you use the HTTPS trap feature the phish will bypass the portal page until a http request is made. At that point the portal page is seen. Once data is entered correctly the phishing page is no longer seen unless you change your mac address and sign in with a different ip.
In closing use the HTTPS trap, get an association to the rogue and make a https request. You should be sent straight to the internet. Next change your request to http and you should get the portal page, 'Now enter the data requested and see what occurs.
Last edited by mmusket33; 2017-02-12 at 02:23 PM.
To social cred
Suggest you cross reference this post concerning airbase-ng
Last edited by mmusket33; 2017-02-12 at 02:28 PM.
New Web Pages and corrections to one folder are available at:
or download thru the following:
Newpages and Updates.zip