Martes, Setyembre 6, 2016

FLUXION Evil Twin WiFi Attack working sa Kali Rolling

Fluxion is the future (http://adf.ly/1dlzAF

Fluxion is a remake of linset by vk439 with fixed bugs and added features. It's compatible with the latest release of Kali (Rolling)


How it works

    Scan the networks.
    Capture handshake (can't be used without a valid handshake, it's necessary to verify the password)
    Use WEB Interface *
    Launches a FakeAP instance imitating the original access point
    Spawns a MDK3 processs, which deauthentificates all of the users connected to the target network, so they can be lured to connect to FakeAP network and enter the WPA password.
    A DHCP server is lainched in FakeAP network
    A fake DNS server is launched in order to capture all of the DNS requests and redirect them to the host running the script
    A captive portal is launched in order to serve a page, which prompts the user to enter their WPA password
    Each submitted password is verified against the handshake captured earlier
    The attack will automatically terminate once correct password is submitted



Install dependencies:

    Run installer script [ALWAYS RUN AS ROOT USER #]


Code:

# git clone --depth 1 https://github.com/deltaxflux/fluxion
# chmod a+x -Rv fluxion
# cd fluxion
# ./Installer.sh


Launch fluxion

2) Execute the main script
Code:

# ./fluxion


Credits

    Deltax @FLuX and Fluxion main developer
    Strasharo @Fluxion help to fix DHCPD and pyrit problems, spelling mistakes
    vk439 @Linset main developer of linset
    ApatheticEuphoria @Wifi-Slaughter WPS Crack
    Derv82 @Wifite/2
    Sophron @Wifiphisher
    sensepost @Mana



Bugs fixed

    Negative Channel
    Kali Patch for Kali Patch 2
    Added airmon
    Translate DE --> EN
    Handshake get fixed
    Check Updates
    Animations
    Wifi List Bug




TRIED AND TESTED sa KALI 2016 ROLLING. Screenshots later.

STEP BY STEP BY STEP BY STEP BY STEP SA MGA NEWBIE

Para sa hindi pa updated Kali Linux 'Rolling' distro update niyo muna:

Kung hindi ka pa naka Kali Rolling repository gawin mong ganito:
1. Buksan ang Terminal
Code:

gedit /etc/apt/sources.list

Idelete ang nakalagay dyan at ipaste ito
Code:

deb http://http.kali.org/kali kali-rolling main non-free contrib

2. Itype at Enter
Code:

# apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y

Code:

# git clone --depth 1 https://github.com/deltaxflux/fluxion

Code:

# cd fluxion

3. Install mo yung mga di pa installed na program para mapa-ander si fluxion
Code:

# apt-get install isc-dhcp-server hostapd lighttpd mdk3 php5-cgi aircrack-ng reaver pixiewps wifite pyrit curl macchanger nmap xterm python awk -y

or pa-andarin lang yung
Code:

Installer.sh

4. Pa-andarin na si ./fluxion. Based siya sa LINSET kaya di siguro kelangan iexplain.

KUNG HINDI PA NAKAKGAMIT NG LINSET ETO NA YUNG STEP BY STEP:

1. Pa-andarin si fluxion








Code:

# chmod a+x -Rv fluxion
# ./fluxion

eto lalabas:






DAPAT OK lahat kapag hindi, pa-andarin mo yung ./Installer.sh

PIliin mo yung WiFi adapter mo. NOTE: KUNG HINDI MADETECT YUNG WIFI mo install mo yung firmware niya via
Code:

# apt-get install firmware-linux firmware-linux-nonfree firmware-broadcom firmware-realtek firmware-ralink

ALAMIN mo muna kung ano chipset niya via: KUNG USB Based lsusb kung PCI or Internal lspci gamitin mo
Code:

# lsusb -vvv | grep Network
#lspci -vvv | grep Network
#echo "Install mo yung firmware para sa kanya i-duckduckgo mo na lang para madali wag na kayong mag post kung paano, subukan niyo naman MAGBASA"

2. Select mo ALL CHANNELS, tapos lalabas si Airodump-ng hintayin mo ng mga 1 MIN tapos press mo Ctrl + C
Pili ka ng TARGET WIFI AP mo, via Number. Press ENTER








3. Piliin mo yung 1, ENTER.
4. ENTER mo ulit.
5. Select mo 1 Handshake check yung aircrack-ng
6. Sa Capture handshake select 1 Deauth all.
7. Bubukas ulit si airmon-ng hintayin mo yung handshake. NAKALAGAY DUN PAG NAGHANDSHAKE ay
Code:

WPA HANDSHAKE: 11:FF:BB:CC:DD

Pag ganon select mo 1 YES.
8. Select mo ENG number 1. ENGLISH LANGUAGE yung WEB INTERFACE na makikita ni VICTIM mo. ENTER







9. HINTAYIN mo nilang ienter yung password. NOTE: IMPOSIBLE nilang maienter ang maling password dahil nakuha mo yung handshake kaya 1111% CORRECT PASSWORD yung makukuha mo. AYOS DIBA.






YUNG IBANG LINSET VERSION AY DI GUMAGANA SA KALI LINUX 2K16 pero ITO NA PO YUNG FIXED VERSION.
NOTE:
MAG THANKS KUNG NAKATULONG. DISCLAIMER: HUWAG GAMITIN SA MGA MILITARY, GOV, INTELLIGENCE, EDUCATION, HEALTH SERVICES ANG GANITONG ATTACK DAHIL ...
CREDITS nasa TAAS na.

DI PO ITO GAGANA SA VIRTUALBOX, VMWARE. MAG USB PERSITENCE LIVE NALANG PO KAYO:
http://docs.kali.org/downloading/kal..sb-persistence
Ipinaskil ni sa
Mga etiketa:

Walang komento:

Mag-post ng isang Komento

Mag-subscribe sa: I-post ang Mga Komento (Atom)