wifiphisher 可以硬來的假裝它是主要的無線 AP,跟所有連上原始 AP 的使用者說,我才是正牌的,來連我這吧,你就自動上釣了

Wifiphisher is a security tool that mounts fast automated phishing attacks against WiFi networks in order to obtain secret passphrases and other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and third party login pages or WPA/WPA2 secret passphrases.

但有人說這種不用建立密碼的 AP 的方式不太可能,因為連線會被警告是新的連線了
參考 WiFiPhisher — Automated Phishing Attacks Against Wi-Fi Networks

"The tool is actually creating a second, unencrypted network. On Windows it will give you a warning that the configuration of the network has changed. On Android you'd have to manually reconnect to the unencrypted network. So their method doesn't automatically perform a man-in-the-middle attack," said one of the critics on Reddit.
最後修改日期: 2015 年 01 月 29 日
Related posts 相關文章
網路上仍然有超過 8 萬個 Hikvision 海康威視攝影機存在漏洞未更新
More...
分析被駭主機的惡意程式
More...
用 urlscan.io 來掃網站
More...
哇哇哇! 釣魚網站 www.apple.com
More...

作者

留言

撰寫回覆或留言

發佈留言必須填寫的電子郵件地址不會公開。

69 − = 66