Rogue Wi-Fi Access Point Attack Framework – Wifi Pumpkin


WiFi-Pumpkin is a robust system for WiFi security auditing. Its main feature is the ability to create a fake AP and carry out man-in-the-middle attacks, but the list of features is extensive.

WiFi pumpkin installation

Python 2.7

git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git

cd WiFi-Pumpkin

./installer.sh --install

Features

  • Rogue WiFi Access Point.
  • Windows Update Attack.
  • Patch Binaries via MITM.
  • ARP Poison.
  • DNS Spoof.
  • DHCP Starvation Attack.
  • Deauth Attack Clients AP.
  • Probe Request Monitor.
  • Credentials Monitor.
  • Transparent Proxy.
  • Phishing Manager.
  • LLMNR, NBT-NS, and MDNS poisoner (Responder).
  • Pumpkin-Proxy (ProxyServer (MITM proxy API)).
  • Capture images on the fly.
  • Partial Bypass HSTS protocol.
  • Support beef hook.
  • Karma Attacks (support hostapd-mana).
  • TCP-Proxy (with scapy)

Plugin Tools

Plugin | Description
Dns2proxy | This tool provides different post-exploitation features once you have changed a victim's DNS server.
Sslstrip2 | SSLstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks; this version is the @LeonardoNve/@xtr4nge fork.
Sergio_proxy | Sergio Proxy (super-efficient recorder of gathered inputs and outputs) is an HTTP proxy written in Python for the Twisted framework.
BDFProxy | Patch binaries via MITM: BackdoorFactory + MITM proxy. bdfproxy-ng is a fork and summary of the original BDFProxy by @secretsquirrel.
Responder | LLMNR, NBT-NS and MDNS poisoner. Posted by: Laurent Gaffie

Transparent Proxy

Transparent proxies (MITM proxy) let you intercept and manipulate HTTP traffic, changing requests and responses, and insert JavaScript into the pages your targets visit. You can quickly deploy a module for injecting data into pages: a Python file placed in the plugins/extension/ directory is listed automatically on the Pumpkin-Proxy tab.

TCP-Proxy Server

A proxy placed between you and a TCP stream. It filters the request and response streams and actively modifies packets of a TCP protocol intercepted by WiFi-Pumpkin (scapy module). The plugin uses modules to view or edit the intercepted data. To implement a module quickly, add your customized module to “plugins/analyzers/”; it is then listed automatically on the TCP-Proxy tab.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.