To Mark:
The best way to test this program is to go thru the four steps we outline in both the main Pwnstar thread set up by Vulpi and in our help files.
Setup Pwnstar9
With a second wifi device.
1. See if the rogueAP name is seen.
2. Test if the second wifi device can connect(associate) to the rogueAP
3. Test to see if the second device can call up the phishing page.
4. Test to see if data can be written to the formdata.txt file from the second computer.
Advanced Testing
5. Deauth the targetAP and see if you can connect to it thru your second wifi device.
6. Deauth the targetAP and see if you can still connect to the rogueAP and pass data.
If the above all works it is just a matter of getting a phish to bite. WPA phishing is a social engineering attack. Computers are not forced onto the rogueAP, the client has to choose to connect. Read our suggestions about rogueAP names in the help files. MTeams suggest you explore all other avenues while you WPA Phish in this order:
1. Pixiedust
2. Reaver
3. Brute Force Run thru 8-10 numeric strings and then a good WPA dictionary - Use elcomsoft
4. Listen for probe requests of WPA key in clear text by collecting essidprobe data.
You should test item three and use the mithf program also. Connect your own device to the rogueAP and you can see all the data being past/
MTeams