Sometime on some places we got free WiFi networks. Free WiFi is always a weakness of modern day people. As a cybersecurity expert we always say to not connect to publicly available networks. But why?
In our this detailed article we learn how WiFi-Pumpkin3 works on Kali Linux 2020 and how black-hat guys steel other's credentials using a rouge access point. We also discuss about how to be safe.
We can do this manually, but using Aircrack-ng, configuring the IP tables and using some other tools are time consuming. WiFi-Pumpkin3 do these manually.
Key Features of WiFi-Pumpkin
- Rouge WiFi access point.
- Deauth attacks on clients AP.
- Intercept, inspect, modify and replay web traffic.
- Probe request monitor.
- DHCP Starvation attack.
- Credential monitor.
- Transparent proxy.
- Windows update attack.
- Phishing manager.
- ARP poisoning.
- DNS spoof.
- Pumpkin proxy (MITM proxy server).
- Capture images on the fly.
Installing WiFi Pumpkin3 on Kali Linux
Let's start the installation process of WiFi-Pumpkin. Before installing WiFi-Pumpkin we need to install some requirements like hostapd and pyqt5 on our Kali Linux system. To install them we need to run following command on our terminal:
sudo apt install python3-pyqt5 hostapd
After entering this command the installation process will be started. Also we recommend to install some system packages, os-level dependencies for errorless installation and work. We need to apply following command in our terminal:
sudo apt install libssl-dev libffi-dev build-essential
After installing these packages we are ready to install WiFi-Pumpkin3 on our system. First we need to clone this from It's GitHub repository by using following command:
git clone https://github.com/P0cL4bs/wifipumpkin3
The output of the command shows in the following screenshot:
Then we navigate to the wifipumpkin3 directory using cd command:
Now we start the installation process by running following command:
sudo python3 setup.py install
We can see that after applying this command, our installation process has been started.
This might take a little bit time. Usually this process takes 3-5 minutes depending on our internet speed and system speed. We are taking a coffee break.
After our coffee finished we see that WiFi-Pumpkin3 installation is finished, it actually install some necessary packages to rum WiFi-Pumpkin.
Using WiFi Pumpkin3 on Kali Linux
Now we can run WiFi-Pumpkin3 from our terminal directly by using following command:
In the following screenshot we can see that our WiFi-Pumpkin3 is started. We are inside the pumpkinπ.
Now we configure the access point first. To configure an access point we need to run ap command:
Here we get the access point settings. Here we can changes SSID, Channel, Interface and Security.
In the above screenshot we can see that no interface is selected, we set interface by using set interface <name> command.
In our case we use wlan0 as our Wi-Fi interface, so we use following command:
Then we configure our SSID and to get attracted by people we choose a juicy SSID (we named it Free WiFi for social engineering.. heπhe). We can easily make it by using following command:
Then if we want we can set a security password, in our case we are going to share a rouge access point without password but if we want to assign a weak password we can use set security true after that to set a password we can use set security.wpa_sharedkey myeasypass.
We disable the DNS log, otherwise it comes on terminal again and again. To disable it we use following command:
For an example we are going to set a proxy for capturing Facebook passwords. If we set the proxy then whenever someone connects on our free WiFi, our WiFi forcefully navigate the target to a Facebook login phishing page. If the anyone puts credential then we got it.
Using help command we can see that we can see modules by using show command.
Here we can see the captiveflask module. to use it we simply apply use command:
use misc.extra_captiveflask
Then we can run the help command here. The output is in the following screenshot:
Here we can see the list from GitHub or we can download available templates. We apply download command.
Then we can install Facebook template by using following command:
The following screenshot shows the output of applied command:
We can see that Facebook plugin is successfully installed. Now we need to reinstall WiFiPumpkin3 tool to see the changes. We need to exit command to exit from WiFiPumpkin3 and again install it by using following command:
sudo python3 setup.py install
This will be updated in some seconds. After that we again run this tool by using following command:
Again we need to use CaptiveFlask by using following command:
use misc.extra_captiveflask
We can see the list by using following command:
In the following screenshot we can see that Facebook plugin is available to use.
Now we need to set a proxy for this. We use back command to get back to the main page of WiFiPumpkin3.
Now we set the proxy to CaptiveFlask by using following command:
Our proxy is set to captiveflask and if we want we can see the proxies using proxies command.
In the above screenshot we can see that Facebook is set to false, so we are going to change it. To make it "true" we run following command:
set captiveflask.facebook true
After applying the command we can see that Facebook is set as "true" in the following screenshot.
Now everything is done we can run the WiFiPumpkin3 tool by just using following command:
start
This will configure some things and start it in some seconds as we can see in the following screenshot.
Now we open our android device and connect to our created WiFi access point (named Free WiFi).
Then our created WiFi access point will say "Tap here to sign in to network". Our created rouge access point will force our Android device to sign in. It will open Facebook login page as we can see in the following screenshot.
When we puts the credentials here it will be showed on our WiFiPumpkin3's terminal.
In the above screenshot we can see that we got the credentials here.
That is why we always told that publicly available free WiFi might give us trouble. We need to always be aware.
Comments