Wifi-Pumpkin V0.8.7 - Framework For Rogue Wi-Fi Access Point Attack


WiFi-Pumpkin is a rogue AP framework for easily creating fake networks while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP poisoning, DNS spoofing, Pumpkin-Proxy, and image capture on the fly. Moreover, WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security; the list of features is quite broad.

Installation
  • Python 2.7

    git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
    cd WiFi-Pumpkin
    ./installer.sh --install

or download the .deb file to install:

    sudo dpkg -i wifi-pumpkin-0.8.7-all.deb
    sudo apt-get -f install # force install of dependencies if they were not installed normally

Refer to the wiki for installation instructions.

Features
  • Rogue Wi-Fi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Credentials Monitor
  • Transparent Proxy
  • Windows Update Attack
  • Phishing Manager
  • Partial Bypass HSTS protocol
  • Support beef hook
  • ARP Poison
  • DNS Spoof
  • Patch Binaries via MITM (BDF-Proxy)
  • LLMNR, NBT-NS and MDNS poisoner (Responder)
  • Pumpkin-Proxy (ProxyServer (mitmproxy API))
  • Capture images on the fly
  • TCP-Proxy (with scapy)
  • Modular plugins and proxies
  • Wireless mode supports hostapd-mana/hostapd-karma attacks

Plugins
Plugin | Description
--- | ---
Dns2proxy | This tool offers different features for post-exploitation once you change the DNS server of a victim.
Sslstrip2 | Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks, based on the fork by @LeonardoNve/@xtr4nge.
Sergio_proxy | Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework.
BDFProxy | Patch Binaries via MITM: BackdoorFactory + mitmProxy. bdfproxy-ng is a fork and review of the original BDFProxy by @secretsquirrel.
Responder | Responder is an LLMNR, NBT-NS and MDNS poisoner. Author: Laurent Gaffie

Transparent Proxy


Transparent proxies (mitmproxy) let you intercept and manipulate HTTP traffic by modifying requests and responses, which makes it possible to inject JavaScript into the pages the target visits. You can implement a module that injects data into pages by creating a Python file in the "plugins/extension/" directory; it will automatically be listed on the Pumpkin-Proxy tab.

Plugins Example Dev

    from mitmproxy.models import decoded # for decoding HTML content
    from plugins.extension.plugin import PluginTemplate

    class Nameplugin(PluginTemplate):
        meta = {
            'Name'      : 'Nameplugin',
            'Version'   : '1.0',
            'Description' : 'Brief description of the new plugin',
            'Author'    : 'by dev'
        }
        def __init__(self):
            for key,value in self.meta.items():
                self.__dict__[key] = value
            # if you want to set arguments, refer to the wiki for more info.
            self.ConfigParser = False # no arguments required

        def request(self, flow):
            print flow.__dict__
            print flow.request.__dict__
            print flow.request.headers.__dict__ # request headers
            host = flow.request.pretty_host # get the domain of requests on the fly
            versionH = flow.request.http_version # get the HTTP version

            # redirect domains example
            # pretty_host takes the "Host" header of the request into account
            if flow.request.pretty_host == "example.org":
                flow.request.host = "mitmproxy.org"

            # get all request headers example
            self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))
            for name, valur in flow.request.headers.iteritems():
                self.send_output.emit('{}: {}'.format(name,valur))

            print flow.request.method # show the request method
            # template for printing data
            self.send_output.emit('[NamePlugin]:: this is model for save data logging')

        def response(self, flow):
            print flow.__dict__
            print flow.response.__dict__
            print flow.response.headers.__dict__ # headers as a Python dict
            print flow.response.headers['Content-Type'] # get the content type

            # called for every HTTP response before it is returned to the client
            with decoded(flow.response):
                print flow.response.content # HTML content
                # replace the content tag (str.replace returns a new string, so assign it back)
                flow.response.content = flow.response.content.replace('</body>','<h1>injected</h1></body>')

            del flow.response.headers["X-XSS-Protection"] # remove the protection header

            flow.response.headers["newheader"] = "foo" # adds a new header
            # the new header will be added to all responses passing through the proxy
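Seen from the defending side, the changes this plugin makes (a protection header removed, a header added, markup inserted before the closing body tag) are detectable by comparing a response fetched over a trusted path with the same resource fetched over the network under test. The following is an added example, not code from WiFi-Pumpkin or the original page; the function names and both sample responses are constructed for illustration.

```python
import difflib

# Response headers whose removal weakens browser-side protections.
SECURITY_HEADERS = {
    "strict-transport-security", "content-security-policy",
    "x-xss-protection", "x-frame-options", "x-content-type-options",
}

def _norm(headers):
    """Lower-case header names so the comparison is case-insensitive."""
    return {name.lower(): value for name, value in headers.items()}

def compare_responses(baseline, observed):
    """Return (kind, detail) findings; an empty list means no difference.

    Both arguments are dicts with 'headers' (dict) and 'body' (str).
    """
    findings = []
    base_h, obs_h = _norm(baseline["headers"]), _norm(observed["headers"])
    for name in sorted(base_h.keys() - obs_h.keys()):
        kind = "security-header-stripped" if name in SECURITY_HEADERS else "header-removed"
        findings.append((kind, name))
    for name in sorted(obs_h.keys() - base_h.keys()):
        findings.append(("header-added", name))
    for name in sorted(base_h.keys() & obs_h.keys()):
        if base_h[name] != obs_h[name]:
            findings.append(("header-changed", name))
    # Line-level body comparison: report lines present on only one side.
    base_lines = baseline["body"].splitlines()
    obs_lines = observed["body"].splitlines()
    matcher = difflib.SequenceMatcher(None, base_lines, obs_lines, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            findings += [("body-removed", line.strip()) for line in base_lines[i1:i2]]
        if tag in ("replace", "insert"):
            findings += [("body-inserted", line.strip()) for line in obs_lines[j1:j2]]
    return findings

# Constructed sample: one page as served over a trusted path, and as received
# on the network under test with the changes the plugin example would make.
BASELINE = {
    "headers": {"Content-Type": "text/html", "X-XSS-Protection": "1; mode=block"},
    "body": "<html>\n<body>\n<p>hello</p>\n</body>\n</html>",
}
OBSERVED = {
    "headers": {"Content-Type": "text/html", "newheader": "foo"},
    "body": "<html>\n<body>\n<p>hello</p>\n<h1>injected</h1></body>\n</html>",
}

if __name__ == "__main__":
    for kind, detail in compare_responses(BASELINE, OBSERVED):
        print("{:26} {}".format(kind, detail))
```

Dynamic pages differ between fetches on their own, so run the comparison against a static canary resource you control and treat any finding there as a sign of in-path modification.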

About plugins
plugins on the wiki

TCP-Proxy Server
A proxy that you can place in the middle of a TCP stream. It filters the request and response streams with the scapy module and actively modifies packets of a TCP protocol that are intercepted by WiFi-Pumpkin. This plugin uses modules to view or modify the intercepted data. Implementing a module is simple: just add your custom module to "plugins/analyzers/" and it will automatically be listed on the TCP-Proxy tab.

    from scapy.all import *
    from scapy_http import http # for the HTTP layer
    from default import PSniffer # base plugin class

    class ExamplePlugin(PSniffer):
        _activated     = False
        _instance      = None
        meta = {
            'Name'      : 'Example',
            'Version'   : '1.0',
            'Description' : 'Brief description of the new plugin',
            'Author'    : 'your name',
        }
        def __init__(self):
            for key,value in self.meta.items():
                self.__dict__[key] = value

        @staticmethod
        def getInstance():
            if ExamplePlugin._instance is None:
                ExamplePlugin._instance = ExamplePlugin()
            return ExamplePlugin._instance

        def filterPackets(self,pkt): # (pkt) object used to modify the data on the fly
            if pkt.haslayer(http.HTTPRequest): # filter only HTTP requests

                http_layer = pkt.getlayer(http.HTTPRequest) # get HTTP fields as a dict
                ip_layer = pkt.getlayer(IP) # get IP header fields as a dict

                print http_layer.fields['Method'] # show the HTTP request method
                # show every item in the HTTP request headers
                for item in http_layer.fields['Headers']:
                    print('{} : {}'.format(item,http_layer.fields['Headers'][item]))

                print ip_layer.fields['src'] # show the source IP address
                print ip_layer.fields['dst'] # show the destination IP address

                print http_layer # show the item as a dict
                print ip_layer # show the item as a dict

                return self.output.emit({'name_module':'send output to tab TCP-Proxy'})

About TCP-Proxy
TCP-Proxy on the wiki

Screenshots
Screenshot on the wiki