Security Experts:

Connect with us

Hi, what are you looking for?


Mobile & Wireless

Wi-Fi Password Phishing Attacks Automated With New Tool

An open source piece of software made available on Sunday can be used to automate phishing attacks that target credentials for Wi-Fi networks.

An open source piece of software made available on Sunday can be used to automate phishing attacks that target credentials for Wi-Fi networks.

Many attacks against networks protected with the WPA and WPA2 security protocols involve brute forcing. The tool developed by Greek IT security engineer George Chatzisofroniou, dubbed Wifiphisher, uses a different approach, namely social engineering.Wifiphisher

Wifiphisher attacks work in three stages. In the first stage, victims are deauthenticated from their access point with the aid of deauthentication packets sent to the broadcast address, from the client to the access point, and from the access point to the client.

In the second phase, the victim access point’s settings are copied and a rogue access point is set up. Because the legitimate access point is jammed, clients will connect to the rogue access point. In this stage, the tool also sets up a NAT/DHCP server and forwards the right ports, the developer explained.

In the final phase, a man-in-the-middle (MitM) attack is launched by using a minimal Web server that responds to HTTP and HTTPS requests, and victims are presented with a fake router configuration page when they try to access a website. This configuration page informs users that a firmware update is available for the device and instructs them to enter their WPA password.

Wifiphisher is designed to work on Kali Linux, the popular penetration testing distribution, and it requires two wireless network interfaces. One of these interfaces must be capable of injections, Chatzisofroniou said.

Experts have pointed out on Reddit that users are notified by the operating system when their network configuration has changed. Victims would have to ignore the warnings before connecting to the rogue access point and being presented with the phishing page. There are also alternatives that could be more efficient, but Chatzisofroniou has admitted that Wifiphisher can be improved.

The developer is asking Python programmers and Web designers to contribute to making the tool better.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...


Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...