How Wifiphisher Works
Wifiphisher uses social engineering to get a password for WiFi and websites the method is called Evil Twin Attack. You do not need a powerful hardware for a long time for bruteforce password.
The principle of the tools:
- the access point is selected, its settings are copied (name, channel, etc.)
- on the WiFi card of the attacker, a clone (Evil Twin) of this access point is launched, which repeats the original except for one thing – you can connect to it without a password
- users are disconnected from the original access point by deauthentication attack
- the original access point is continually muffled. For this, the attacker needs a second wireless card.
- when a user connects to the Evil Twin, he is asked for a WiFi password (for example, to update the firmware) under various pretexts. The password thus received is sent to the attacker.