Fluxion - Set Up Fake AP, Fake DNS, And Create Captive Portal To Trick Users Into Giving You Their Password





Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.
If you need quick help, fluxion is also avaible on gitter. You can talk with us on Gitter or on Discord.

 Installation
Read here before you do the following steps.
Download the latest revision
git clone --recursive git@github.com:FluxionNetwork/fluxion.git
Switch to tool's directory
cd fluxion
Run fluxion (missing dependencies will be auto-installed)
./fluxion.sh
Fluxion is also available in arch
cd bin/arch
makepkg
or using the blackarch repo
pacman -S fluxion

 Changelog
Fluxion gets weekly updates with new features, improvements, and bugfixes. Be sure to check out the changelog here.

 How it works
  • Scan for a target wireless network.
  • Launch the Handshake Snooper attack.
  • Capture a handshake (necessary for password verification).
  • Launch Captive Portal attack.
  • Spawns a rogue (fake) AP, imitating the original access point.
  • Spawns a DNS server, redirecting all requests to the attacker's host running the captive portal.
  • Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.
  • Spawns a jammer, deauthenticating all clients from original AP and lureing them to the rogue AP.
  • All authentication attempts at the captive portal are checked against the handshake file captured earlier.
  • The attack will automatically terminate once a correct key has been submitted.
  • The key will be logged and clients will be allowed to reconnect to the target access point.
  • For a guide to the Captive Portal attack, read the Captive Portal attack guide

 Requirements
A Linux-based operating system. We recommend Kali Linux 2 or Kali rolling. Kali 2 & rolling support the latest aircrack-ng versions. An external wifi card is recommended.

 Related work
For development I use vim and tmux. Here are my dotfiles

 Credits
  1. l3op - contributor
  2. dlinkproto - contributor
  3. vk496 - developer of linset
  4. Derv82 - @Wifite/2
  5. Princeofguilty - @webpages and @buteforce
  6. Photos for wiki @http://www.kalitutorials.net
  7. Ons Ali @wallpaper
  8. PappleTec @sites
  9. MPX4132 - Fluxion V3

 Disclaimer
  • Authors do not own the logos under the /attacks/Captive Portal/sites/ directory. Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research.
  • The usage of Fluxion for attacking infrastructures without prior mutual consent could be considered an illegal activity, and is highly discouraged by its authors/developers. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.

 Note
  • Beware of sites pretending to be related with the Fluxion Project. These may be delivering malware.
  • Fluxion DOES NOT WORK on Linux Subsystem For Windows 10, because the subsystem doesn't allow access to network interfaces. Any Issue regarding the same would be Closed Immediately

 Links
Fluxion website: https://fluxionnetwork.github.io/fluxion/
Discord: https://discordapp.com/invite/G43gptk
Gitter: https://gitter.im/FluxionNetwork/Lobby




Related links


  1. Hack Tools For Ubuntu
  2. Growth Hacker Tools
  3. Hak5 Tools
  4. Pentest Tools Website
  5. Easy Hack Tools
  6. Hacking Tools Online
  7. Pentest Recon Tools
  8. Pentest Tools Port Scanner
  9. Hacking Tools Name
  10. Pentest Tools Website Vulnerability
  11. Hacking Tools For Mac
  12. Top Pentest Tools
  13. Pentest Tools Website
  14. Computer Hacker
  15. Hacking Tools Software
  16. Hacking Tools Kit
  17. Pentest Automation Tools
  18. Hack Tools For Games
  19. Nsa Hacker Tools
  20. Kik Hack Tools
  21. Hack Tools
  22. Hacking Apps
  23. Hacker Tools For Ios
  24. Nsa Hacker Tools
  25. Hacking Tools For Mac
  26. Hacker Tools 2019
  27. Pentest Tools Website Vulnerability
  28. Hacker Tools Apk
  29. Hacker Search Tools
  30. Hacker Tools Windows
  31. Hacker Tools List
  32. Best Pentesting Tools 2018
  33. Best Pentesting Tools 2018
  34. Pentest Reporting Tools
  35. Hacker Tools Github
  36. Hack Tools
  37. How To Install Pentest Tools In Ubuntu
  38. Hacker Security Tools
  39. Hacking Tools For Mac
  40. Pentest Tools Free
  41. World No 1 Hacker Software
  42. Hack Tools For Ubuntu
  43. Pentest Tools Subdomain
  44. Hack Apps
  45. Hacking Tools Github
  46. Hacker Tools Online
  47. Best Hacking Tools 2020
  48. Computer Hacker
  49. Nsa Hack Tools Download
  50. Hacker Tools 2020
  51. Hacking Tools Hardware
  52. Pentest Tools For Windows
  53. Hacker Tools Mac
  54. Hacker
  55. Pentest Tools Kali Linux
  56. Hacking Tools For Kali Linux
  57. Hack Tools For Ubuntu

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)