Featured

Spectre & Meltdown

Image
                                     Meltdown & Spectre First Off i Wanna apologize to My Readers for my long absence, a lot of crucial things have been happening in my life for the past 4-5 months, and finally my high school is over and i'm waiting for my reports. From now on, i'll be posting blogs every two weeks or so (that'll get shorter soon). Today's blog is all about Meltdown and Spectre, these are the two security bugs that can cause chaos to almost any processor that has been manufactured till this day.  Most of the viruses tries to exploit the vulnerability in the code of a specific program they are designed to infect, this means that they can't affect programs or OSes they are not designed to affect so to a level we are almost safe. But the problem with these two are they function on a much closer to a hardware level so they can exploit almost any process...
Post a Comment
                                                     
https://www.facebook.com/shahineyyhttps://www.instagram.com/subnet_guyhttps://twitter.com/shahineyy

How To Know The Wi-Fi Password. Using Wifiphisher

Know The Wi-Fi Password. Using Wifiphisher



In My First Tutorial I'm Going To Show You, How to Hack WiFi using wifiphisher. WiFiphisher is fast attack and reveals password without Taking Much of Your time. Wifiphisher Uses NO dictionaries, or brute force .  let’s get started...
What Is Wifiphisher?

Wifiphisher is a security tool that mounts automated phishing attacks against WiFi networks in order to obtain secret passphrases or other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and third party login pages or WPA/WPA2 secret passphrases.

How It Works...

WiFiphisher creates an evil twin AP, then DoS's all User Data from AP and when users re-authenticate, they are redirected to fake AP with the same SSID. After connecting with fake AP, they will see a legitimate looking webpage that requests their password to “Upgrade firmware”. When the user enters password in our wifiphishing page, we capture their password and user allowed further to access the internet from fake evil twin AP, so they can’t feel anything suspicious.

This tutorial is for Educational purposes only and should not be used for any illegal activities . IM NOT RESPONSIBLE IF YOU CAUSE ANY DAMAGE OR MISUSE IT .Don’t INTRUDE into someone's privacy.


Requirements to Hack WiFi using wifiphisher Hacking tool – WPA | WPA2 :



Step 1: Install or update python
First, you have to install or update “python” in Kali LINUX. To do, enter open terminal and type the command below.

apt-get install python




Step 2: Download WiFiphisher script

After installing python, download Wifiphisher script from GitHub. To download the script, open terminal and enter below commands(copy and paste it in terminal):

git clone https://github.com/sophron/wifiphisher.git





Step 3: Navigate to the directory

Navigate to the directory where wifiphisher is downloaded. To navigate type below command in terminal.

sudo cd wifiphisher/




Now confirm the name of the script. To confirm the name of script, type:

ls -l


Step 4: Run the Script “ wifiphisher.py” 

To run script type below commands in terminal and hit enter.

python wifiphisher.py










above command will start the script. Now it will ask for “hosted” for that you need to install hosted. Proceed it by typing ” y ” means yes. It will install hosted for you.





 After the hostapd, you need to execute the Wifiphisher script once again.
python wifiphisher.py

Now you will see wifiphisher has started the web server on port 8080 and 443. Now script started discovering WiFi AP within our range.

Step 5: Select AP and Get the Password

When it has completed, it will list all the Wi-Fi networks it has discovered. Select your target AP, to select target just press ctrl+c(to stop scanning) and type “num” of AP.

 Now after entering num, hit enter. You will see APs SSID and mac address, it is actually indicating that this SSID is going to be cloned. And real AP is being jammed by wifiphisher script. In this process, the directed users connected to the  Real AP will be de-authenticated and. when they re-authenticate, They are directed to the  cloned evil twin access point.
After connecting to evil twin AP ,wifiphisher serves a legitimate looking proxy 10.0.0.58 webpage and display a message that firmware upgrade has taken place on their router and they must re-authenticate.
When the user enters their password, it will be passed to you through the Wifiphisher open terminal, as seen below and our evil AP will provide further internet access, so user can’t find anything suspicious.


above command will start the script .Now it will ask for “hostapd”, you need to install hostapd. Proceed it by typing ” y ” means yes. It will install hostapd for you.

Comments

Post a Comment

Popular posts from this blog

Spectre & Meltdown

Image
                                     Meltdown & Spectre First Off i Wanna apologize to My Readers for my long absence, a lot of crucial things have been happening in my life for the past 4-5 months, and finally my high school is over and i'm waiting for my reports. From now on, i'll be posting blogs every two weeks or so (that'll get shorter soon). Today's blog is all about Meltdown and Spectre, these are the two security bugs that can cause chaos to almost any processor that has been manufactured till this day.  Most of the viruses tries to exploit the vulnerability in the code of a specific program they are designed to infect, this means that they can't affect programs or OSes they are not designed to affect so to a level we are almost safe. But the problem with these two are they function on a much closer to a hardware level so they can exploit almost any process...
Read more

KRACK Attacks What is it ?

Image
K ey  R einstallation  A tt ack  Breaking WPA2 by Forcing Nonce Reuse Hey there READERS! Instead of How-to Post, today I'm Gonna be Posting About a Vulnerability Which Has Recently Been Discovered by Mathy Vanhoef Mathy Vanhoef, a postdoctoral computer researcher said:  We have discovered serious weaknesses in WPA2, a protocol that secures all modern protected WI-FI Networks. An attacker within the range of a victim can exploit these weaknesses using Key Re-installation Attacks (KRACKs) As you might have heard or read About WPA2 (Wireless Protected Access II) the most common wireless protocol that you’ll find in use on networks such as home, public cafes, etc. Researchers have Found a serious flaw in the protocol which allows hackers within the range of the network decrypt password and access internet traffic. It can allow attackers to steal information such as credit cards, passwords, chat messages, email, photos, etc. An...
Read more