Wifiphisher: Fast automated phishing attacks against WPA networks - sophron
https://github.com/sophron/wifiphisher

======
gipsies
This is misleading. When using WPA the client and access point perform mutual
authentication. This means that if you don't know the password, you cannot set
up a rogue access point that "copies the target access point's settings".
Because you don't know the password! And if you'd use a random password, the
client will refuse to connect to the rogue AP.

The tool is actually creating a second, unencrypted network. On Windows it
will give you a warning that the configuration of the network has changed. On
Android you'd have to manually reconnect to the _unencrypted_ network. So
their method doesn't automatically perform a man-in-the-middle attack. A
decent setup will warn you about this. Sure, if a user ignores all OS
warnings, connects to an unencrypted network anyway, and feels the need to
type his password in random fields s/he never saw before, then this will work
[3].

What would be more interesting is to jam the target network, using an _actual_
jammer [1], and then perform a KARMA man-in-the-middle attack [2]. The idea is
to listen for probe requests to unencrypted networks, and then clone that
unencrypted network. In this case the user would automatically connect, making
the attack more likely to succeed...

[1]
[http://people.cs.kuleuven.be/~mathy.vanhoef/papers/acsac2014...](http://people.cs.kuleuven.be/~mathy.vanhoef/papers/acsac2014.pdf)

[2] [http://www.theta44.org/karma/](http://www.theta44.org/karma/)

[3] Perhaps I'm a bit cynical, but I suppose it might actually work some of
the time... :(

~~~
vletmixutechre
I suspect many average end-users will click 'whatever' in order to try to make
things work again.

------
ytjohn
The reason I don't think this would work is because no one knows their wifi
password.

~~~
drinkyouroj
This was my thought, too - and those that do would recognize the fake control
panel.

I think it's becoming more and more common for the PSK to come on a sticker
from the all-in-one router/modem your ISP sends you. So, the user never sets a
passphrase, never sees the control panel, and has the key ready to hand out by
just looking at their "internet box." This attack is perfect for that.

~~~
yoshamano
If you bump into enough of these devices you'll learn that most use a limited
keyspace for their encryption key. Case in point, the Motorola NVG510 used by
AT&T Uverse HSI ADSL2+ (not to be confused with AT&T Uverse VDSL). They are
all programmed with an SSID of ATT### and use a ten digit numerical PSK. As far
as brute forcing them, it took my GeForce 550 three days to find the key of my
test unit, and if I remember correctly five days to scan the entire keyspace.
A newer and faster video card could have done it in hours.

If manufacturers stopped using fixed length keys for a particular product line
and made use of the entire alphabet it would make this kind of exercise
infeasible.

~~~
limaoscarjuliet
Using good passwords (i.e. alphanum, case sensitive, perhaps with some special
characters) in end user deployment is a support nightmare. Imagine you are
trying to tell such a password to a user over the phone on a support call. The 10
digit number sequence is unsafe but is easy to handle - people are used to
phone numbers and account numbers.

~~~
tga_d
A 10 digit number sequence has 33.2 bits of entropy. 3 diceware words has 38.7
bits of entropy. I don't think 10 numerical digits is easier to relay than 3
words. Although either would be far short of the ~90 considered fully secure,
I think it's safe to say there are plenty of designs that would have been both
safer _and_ easier to use.
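The keyspace and entropy figures in yoshamano's and tga_d's posts above can be put on one footing. The following is an added example (not code from the thread or from the Wifiphisher project) that computes the entropy of each passphrase scheme and the time an exhaustive search would take; the guess rate is an assumption derived from yoshamano's own numbers (10^10 keys in roughly five days), not a measured benchmark, and the scheme list is a constructed comparison set.

```python
import math

# Assumption: cracking rate back-derived from the thread's figure of about
# five days to exhaust a 10-digit numeric PSK on a GeForce 550. It is an
# estimate for illustration, not a benchmark of any specific hardware.
KEYS_PER_SEC_OLD_GPU = 10**10 / (5 * 24 * 3600)   # roughly 23,000 guesses/s

DICEWARE_LIST_SIZE = 7776   # 6^5 entries in the standard Diceware word list


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string: length * log2(alphabet size).

    This assumes every position is chosen uniformly at random; a PSK derived
    from a serial number or a date is far weaker than this figure suggests.
    """
    return length * math.log2(alphabet_size)


def exhaustive_search_days(bits: float, keys_per_sec: float) -> float:
    """Days needed to try every key in a 2**bits keyspace at the given rate."""
    return 2 ** bits / keys_per_sec / 86400


def diceware_words_for(target_bits: float) -> int:
    """Smallest number of Diceware words reaching the requested entropy."""
    return math.ceil(target_bits / math.log2(DICEWARE_LIST_SIZE))


def compare_schemes(keys_per_sec: float = KEYS_PER_SEC_OLD_GPU):
    """Return (scheme, entropy bits, days to exhaust) for a constructed set
    of passphrase schemes, including the two discussed in the thread."""
    schemes = {
        "10 numeric digits (ISP sticker style)": (10, 10),
        "3 Diceware words": (DICEWARE_LIST_SIZE, 3),
        "8 alphanumeric, case sensitive": (62, 8),
        "12 alphanumeric, case sensitive": (62, 12),
        "7 Diceware words": (DICEWARE_LIST_SIZE, 7),
    }
    rows = []
    for name, (alphabet, length) in schemes.items():
        bits = entropy_bits(alphabet, length)
        rows.append((name, round(bits, 1),
                     exhaustive_search_days(bits, keys_per_sec)))
    return rows


if __name__ == "__main__":
    for name, bits, days in compare_schemes():
        print(f"{name:40s} {bits:6.1f} bits  {days:12.3g} days to exhaust")
    print("Diceware words for ~90 bits:", diceware_words_for(90))
```

Run as a script it prints the table; the point of the exercise is that the 10-digit scheme sits at the bottom of the list by a wide margin, while three words relayed over a support call already buy five extra bits and seven words reach the "fully secure" region the thread mentions.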

~~~
pyre
The words themselves are prone to end-user screw-ups though. Think of how many
people don't know how to spell correctly... :P

------
leke
My network connection security setting is 'WPA & WPA2 Personal'. This works on
WPA but apparently not on WPA2. Will this attack work on my wifi?

~~~
jagermo
Yes, because it generates an unencrypted wifi with the same SSID as your
access point. If you connect to that, it will serve you the site and you
enter your "password" which is actually your WPA/WPA2 Pre-Shared Key.

If you want to be safe against this special kind of attack, you could use a
RADIUS-based authentication, where every user gets a certificate and
Username/Password instead of one general shared key.

It is a little tricky, but if you are running a NAS from a vendor like
synology or qnap you could use their RADIUS packages to set it up.

------
ikeboy
This looks really cool. However, when I first read the words "social
engineering", I expected it to create another access point _encrypted the same
way_, and get the code direct from the victim. This way seems less foolproof.

Is my suggestion at all possible, or is the code transmitted while connecting
useless unless you already have it? (Well it's not _useless_ , as it can be
brute-forced by aircrack-ng locally. I'm wondering if what's transmitted is
like a hash of the passphrase, which isn't useful, or encrypted with a one
time key sent by the access point, in which case my idea is much better.)

~~~
ytjohn
The code is never transmitted. The data is encrypted with the code and only
the code on the other side can be used to decrypt it.

Most brute-force systems work by capturing packets to hard drive and then
attempting to decrypt them offline. Or you can upload your captures to the
cloud: [https://www.cloudcracker.com/](https://www.cloudcracker.com/)

~~~
ikeboy
What about setting up a WEP access point to impersonate the WPA one, then
getting the password from that? Still seems more likely to work than what it's
doing now.

~~~
jagermo
You'd still need the Pre-Shared key to create a legitimate looking access
point, so it is kind of a catch-22.

WPA/WPA2 as a system is actually not that bad (for home use).

~~~
ikeboy
Why? If WEP is vulnerable, then if victim connects to a WEP fake and enters
their password, we should be able to read that. Like a downgrade attack.

------
ikeboy
[https://xkcd.com/416/](https://xkcd.com/416/) looks better, anyway :)

------
spacefight
I wondered why the deauth in step 1 works, it sure looks like that's one of
the shortcomings in WPA and there is just no workaround - except going with
WPA2.

[http://security.stackexchange.com/questions/20219/preventing...](http://security.stackexchange.com/questions/20219/preventing-deauthentication-attacks)

~~~
willidiots
It'll work against WPA2 as well, the link you provided is confusingly worded.
There's currently no technical way of preventing deauth attacks as 802.11
management frames are always unencrypted / unsigned.

802.11w aims to address this by authenticating management frames but is slow
in coming to market and plagued with interop issues:
[http://en.wikipedia.org/wiki/IEEE_802.11w-2009](http://en.wikipedia.org/wiki/IEEE_802.11w-2009)
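Where 802.11w cannot be deployed, the remaining defender option is to notice the deauthentication burst that step 1 of the tool relies on. The following is an added example (not from the thread or the Wifiphisher project) of that detection logic. It runs over a constructed, simplified frame log whose line format is an assumption made for this example; a real wireless IDS would feed it parsed 802.11 management frames from a monitor-mode interface instead.

```python
import re
from collections import defaultdict, deque

# Constructed sample log (not real captured traffic). Assumed line format:
# "<seconds> <frame kind> <source bssid> -> <destination>".
# The first BSSID shows a burst of broadcast deauth frames, the kind of
# traffic a rogue tool sends to knock every client off the network; the
# second BSSID shows a single targeted deauth, which is ordinary behaviour.
SAMPLE_LOG = """\
100.00 beacon   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.10 data     02:00:00:00:01:00 -> 02:00:00:00:aa:01
100.50 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.52 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.54 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.56 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.58 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.60 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.62 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.64 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.66 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.68 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
100.70 deauth   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
101.00 beacon   02:00:00:00:01:00 -> ff:ff:ff:ff:ff:ff
250.00 deauth   02:00:00:00:02:00 -> 02:00:00:00:bb:02
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"

LINE_RE = re.compile(
    r"^(?P<ts>\d+(?:\.\d+)?)\s+(?P<kind>\w+)\s+"
    r"(?P<src>[0-9a-f:]{17})\s+->\s+(?P<dst>[0-9a-f:]{17})$"
)


def parse_frames(text: str):
    """Parse the assumed log format into (timestamp, kind, src, dst) tuples.
    Lines that do not match are skipped rather than aborting the run."""
    frames = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            frames.append((float(m["ts"]), m["kind"], m["src"], m["dst"]))
    return frames


def detect_deauth_floods(frames, window_seconds: float = 1.0, threshold: int = 10):
    """Flag any BSSID that emits `threshold` or more deauth frames within
    `window_seconds`. Returns one alert per BSSID, raised the moment the
    threshold is crossed. A legitimate AP rarely deauthenticates all of its
    clients at once, so a burst of broadcast deauths is a strong signal."""
    recent = defaultdict(deque)   # per-BSSID sliding window of timestamps
    alerted = set()
    alerts = []
    for ts, kind, src, dst in frames:
        if kind != "deauth":
            continue
        q = recent[src]
        q.append(ts)
        # Drop timestamps that have fallen out of the window.
        while q and ts - q[0] > window_seconds:
            q.popleft()
        if len(q) >= threshold and src not in alerted:
            alerted.add(src)
            alerts.append({
                "bssid": src,
                "start": q[0],
                "count": len(q),
                "broadcast": dst == BROADCAST,
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_floods(parse_frames(SAMPLE_LOG)):
        print(f"deauth flood from {alert['bssid']} starting at t={alert['start']}: "
              f"{alert['count']} frames, broadcast={alert['broadcast']}")
```

The window and threshold are tuning knobs: roaming and AP reboots produce a handful of deauths, not a dozen per second, so a short window with a threshold around ten keeps false positives low. Note that detection only tells you the attack happened; it does not stop clients from being disconnected, which is what 802.11w is for.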

------
Scarbutt
A bit off-topic - I have noticed that python is used way more on the
hacker/security community than other scripting langs (Perl,Ruby), anyone know
why?

~~~
urbannomad
From what I know, python is usually the first language that newbies get
pointed to when they ask where to start. It's easy to read, understand, and
has a ton of libraries.

Plus python is older, and I think gained more popularity than ruby (before
rails came along).

~~~
maxerickson
They are about the same age, Python was more popular in the US/Europe prior to
Rails catching on (which I guess contributes to it still being more used
outside of web dev).

------
eliben
Neat idea, but why can't it spoof the Wifi authentication page/popup? Can't it
dress up as a new device and try to connect to the wifi network, and then see
what kinds of authentication page is returned by the router? Then just copy
that.

~~~
pyre
Without the password, it can't quite MitM yet. It presumably makes sure that
the user connects to it because it doesn't have WEP/WPA enabled, so the
client OS automatically connects to the AP with the same name, but doesn't
warn the user that WPA is no longer enabled. It can't spoof the WPA connection
because it doesn't have the password yet.

~~~
nightpool
The problem here is that most OSs (read: Windows) _do_ warn the user that the
encryption has changed. Android won't even recognize it as the same network,
you have to remove the old one and then reconnect. So I'm not really sure
about the feasibility of this attack.

~~~
pyre
Was that even the case a couple of years ago though? I seem to remember that
this was a valid attack at least a couple of years ago. Maybe it was on OSX or
iOS devices?

------
leke
I don't see how this tests the security of a setup if it is relying on a user
submitting the password themselves. There is no way to protect against your
own or the stupidity of others.

~~~
maxerickson
A reasonable use case would be demonstrating the weakness of a naive setup to
a business that wanted to charge for access.

~~~
deanclatworthy
I've never seen a password protected paid-wifi set up. Using arp and spoofing
your Mac address is often enough to pretend you are an authenticated client to
most of these systems.

------
scottydelta
I tried running it, but it keeps looping on '[+] Choose the [num] of the AP
you wish to copy:' :-/

------
xanderjanz
Why does this require a specific linux dist?

~~~
jagermo
It does not, but Kali is designed for pentesters, so it already contains a lot
of dependencies. It's based on Debian, so with a little fiddling you should
get it running on most other distributions.

You need, however, a wifi card capable of packet injection. Some of them need
special drivers or patches, so it makes sense that the author uses a
distribution for security/pentesting.

------
Zardoz84
Genius!