一:软件介绍WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack DescriptionWiFi-Pumpkin is a very complete framework for auditing Wi-Fi security. The main feature is the ability to create a fake AP and make Man In The Middle attack, but the list of features is quite broad. 二:安装 - git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
- cd WiFi-Pumpkin
- ./installer.sh --install
或者: 下载.deb包进行安装 - sudo dpkg -i wifi-pumpkin-0.8.5-all.deb
- sudo apt-get -f install
三:功能介绍 - Rogue Wi-Fi Access Point
- Deauth Attack Clients AP
- Probe Request Monitor
- DHCP Starvation Attack
- Credentials Monitor
- Transparent Proxy
- Windows Update Attack
- Phishing Manager
- Partial Bypass HSTS protocol
- Support beef hook
- ARP Poison
- DNS Spoof
- Patch Binaries via MITM
- Karma Attacks (support hostapd-mana)
- LLMNR, NBT-NS and MDNS poisoner (Responder)
- Pumpkin-Proxy (ProxyServer (mitmproxy API))
- Capture images on the fly
- TCP-Proxy (with scapy)
四:插件介绍 Plugin | Description | | This tools offer a different features for post-explotation once you change the DNS server to a Victim. | | Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks based version fork @LeonardoNve/@xtr4nge. | | Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework. | | Patch Binaries via MITM: BackdoorFactory + mitmProxy, bdfproxy-ng is a fork and review of the original BDFProxy @secretsquirrel. | | Responder an LLMNR, NBT-NS and MDNS poisoner. Author: Laurent Gaffie |
五:透明代理 Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.
| 
[复制链接]
发表于 2018-5-5 16:07:22
发表于 2019-3-28 08:07:06
