Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
[Image: 68747470733a2f2f77696669706869736865722e...722e706e67]

The idea here is to create an evil twin AP, then de-authenticate or DoS the user from their real AP. When they re-authenticate to your fake AP with the same SSID, they will see a legitimate-looking webpage that requests their password because of a "firmware upgrade." When they provide their password, you capture it and then allow them to use the evil twin as their AP, so they don't suspect a thing. 

NOTE: You will need to be running kali lunix

Also for dos'ing the wifi network you need 2 wifi cards but you can still do this attack with 1

Step 1. Download and install Wifiphisher

This can be done by using these commands in terminal

git clone # Download the latest revision
cd wifiphisher # Switch to tool's directory
sudo python install # Install any dependencies (Currently, hostapd, dnsmasq, PyRIC, blessings)

Step 2. Run the script[Only registered and activated users can see links Click here to register]

The first time you run the script, it will likely tell you that "hostapd" is not found and will prompt you to install it. Install by typing "y" for yes. It will then proceed to install hostapd.

[Only registered and activated users can see links Click here to register]

When it has completed, once again, execute the Wifiphisher script.


This time, it will start the web server on port 8080 and 443, then go about and discover the available Wi-Fi networks.

Here is an example:

wifiphisher -aI wlan0 -jI wlan4 -p firmware-upgrade
Use wlan0 for spawning the rogue Access Point and wlan4 for DoS attacks. Select the target network manually from the list and perform the "Firmware Upgrade" scenario.

Post here if anyone has any problems

Forum Jump:

Users browsing this thread: 1 Guest(s)