Wifiphisher is a security tool
that mounts the fast automated phishing attacks which are against WPA networks
so as order to acquire all the secret passphrase of the particular Wi-Fi
network. Unlike other methods of hacking, Wifiphisher is a type of social
engineering attack that does not include brute forcing. It is very easy way to
obtain WPA credentials of the users whom you wish to hack. Wifiphisher
works on a platform that supports Kali Linux Operating System and is licensed
under the MIT license.
How it
Works?
Wifiphisher is a tool that is
used to hack a Wi-FI network and this attack makes use of three phases:
Start It using 'wifiphisher.py' in terminal.
PHASE 1:
·
Victim
is being deauthenticated from their access point.
·
Wifiphisher
tries to jam all the target access point’s wifi devices continuously that are
available within range by sending deauth packets to the client from the access
point.
·
It
discovers all the networks that are available in the access point range.
·
This
tool alters the access point of all the devices through the main server and
broadcasts the address along with the deauth packets.
·
It
starts generating fake access points by copying an access point from a set of
access points shown below:
PHASE 2:
·
This is
the second phase where the Victim joins a rogue access point.
·
It asks
for password authentication and in the backdrop, the tool tries to copy all the
credentials of the possible Wi-Fi networks.
·
Wifiphisher
sniffs the area and copies the target access point’s settings.
·
Now,
this tool creates a rogue wireless access point that is modeled on the target
by setting a NAT/DHCP server and forwards the right ports.
·
Consequently,
because of the jamming, clients will start connecting to the rogue access
point. After this phase, the victim is Mitimed.
PHASE 3:
·
Victim
is being served a realistic router config-looking page where the Wifiphisher
tool employs a minimal web server that responds to HTTP & HTTPS requests.
·
As soon
as the victim requests a page from the Internet, wifiphisher responds with a
realistic fake page that asks for WPA password confirmation due to a router
firmware upgrade.
Till now you have seen two
techniques to hack Wi-Fi WEP, WPA/WPA2 Security using Wifite and WIFIPHISHER.
By using these two server attacks, you can easily crack the Wi-Fi network.
How to
Protect your Wi-Fi Network from getting Hacked?
From the above techniques, you
might clearly understand that hacking a Wi-Fi network is an easy process. Now,
it’s time to focus on tightening your Wi-Fi security. Now, you might get
complete awareness about the security and Wi-Fi Network Hacking through this
article. Follow some tips so as to enhance security of your Wi-Fi network.
1. As WEP is an easy hacked Wi-Fi
security encryption method, it is recommended to change Wi-Fi security from WEP
to WPA/WPA2. WEP is now denigrated security protection.
2. Change the password of your Wi-Fi
network periodically so that if in case someone gets chance to hack your Wi-Fi
password, they will not be able to use your free Internet for long period of
time.
3. Disable WPS as it has lots of
vulnerabilities.
No comments:
Post a Comment