Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It’s compatible with the latest release of Kali (rolling).
Fluxion’s attacks’ setup is mostly manual, but experimental auto-mode handles some of the attacks’ setup parameters.
How it works
*Scan for a target wireless network.
*Launch the Handshake Snooper attack.
*Capture a handshake (necessary for password verification).
*Launch Captive Portal attack.
*Spawns a rogue (fake) AP, imitating the original access point.
*Spawns a DNS server, redirecting all requests to the attacker’s host running the captive portal.
*Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.
*Spawns a jammer, deauthenticating all clients from original AP and lureing them to the rogue AP.
*All authentication attempts at the captive portal are checked against the handshake file captured earlier.
*The attack will automatically terminate once a correct key has been submitted.
*The key will be logged and clients will be allowed to reconnect to the target access point.
*For a guide to the Captive Portal attack, read the Captive Portal attack guide
Changelog v4.15_A1
– Move ChipsetUtils to lib folder
– Delete deprecated files
– Move chipset list to misc
– Remove path problems
– Delete deprecated files
– Move chipset list to misc
– Remove path problems
Installation
https://github.com/FluxionNetwork/fluxion.git
cd fluxion
./fluxion.sh
cd fluxion
./fluxion.sh
Source: https://github.com/FluxionNetwork/
Hello, Viewers We offer timely analysis and in-person experiences that form the basis of our professional articles. Our editorial section is a reflection of the emerging technology trends. Our tagline “Fresh News of Technology and More” tries to address the same diversity. 
No comments:
Post a Comment