Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/P0cL4bs/WiFi-Pumpkin

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3
https://github.com/P0cL4bs/WiFi-Pumpkin

access-point hacking man-in-the-middle mitm python sniffing wifi wireless

Last synced: 3 months ago
JSON representation

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Awesome Lists containing this project

README 

        
# This repository is ⛔️ DEPRECATED, [wifipumpkin3](https://github.com/P0cL4bs/wifipumpkin3) is Released, checkout!



![logo](https://raw.githubusercontent.com/P0cL4bs/WiFi-Pumpkin/master/docs/logo.png)



[![build](https://travis-ci.org/P0cL4bs/WiFi-Pumpkin.svg)](https://travis-ci.org/P0cL4bs/WiFi-Pumpkin/)

![version](https://img.shields.io/badge/version-0.8.8-orange.svg)



WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack



### Description



The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security check the list of features is quite broad.



![screenshot](https://raw.githubusercontent.com/P0cL4bs/WiFi-Pumpkin/master/docs/screenshot.png)



### Installation



- Python 2.7



```sh

 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git

 cd WiFi-Pumpkin

 ./installer.sh --install

```



or download [.deb](https://github.com/P0cL4bs/WiFi-Pumpkin/releases) file to install



```sh

sudo dpkg -i wifi-pumpkin-0.8.8-all.deb

sudo apt-get -f install # force install dependencies if not install normally



```



refer to the wiki for [Installation](https://github.com/P0cL4bs/WiFi-Pumpkin/wiki/Installation)



### Features



- Rogue Wi-Fi Access Point

- Deauth Attack Clients AP

- Probe Request Monitor

- DHCP Starvation Attack

- Credentials Monitor

- Transparent Proxy

- Windows Update Attack

- Phishing Manager

- Partial Bypass HSTS protocol

- Support beef hook

- ARP Poison

- DNS Spoof

- Patch Binaries via MITM (BDF-Proxy)

- LLMNR, NBT-NS and MDNS poisoner (Responder)

- Pumpkin-Proxy (ProxyServer (mitmproxy API))

- Capture images on the fly

- TCP-Proxy (with [scapy](http://www.secdev.org/projects/scapy/))

- Moduled plugins and proxys

- Wireless Mode support hostapd-mana/hostapd-karma attacks

- Capitve-portals [new]



### Donation



##### paypal:



[![donate](https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=PUPJEGHLJPFQL)



##### Via BTC:



1HBXz6XX3LcHqUnaca5HRqq6rPUmA3pf6f



### Plugins



| Plugin                                                       | Description                                                                                                                                     |

| :----------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------------- |

| [Dns2proxy](https://github.com/LeonardoNve/dns2proxy)        | This tools offer a different features for post-explotation once you change the DNS server to a Victim.                                          |

| [Sstrip2](https://github.com/LeonardoNve/sslstrip2)          | Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks based version fork @LeonardoNve/@xtr4nge.                     |

| [Sergio_proxy](https://github.com/supernothing/sergio-proxy) | Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework. |

| [BDFProxy](https://github.com/davinerd/BDFProxy-ng)          | Patch Binaries via MITM: BackdoorFactory + mitmProxy, bdfproxy-ng is a fork and review of the original BDFProxy @secretsquirrel.                |

| [Responder](https://github.com/lgandx/Responder)             | Responder an LLMNR, NBT-NS and MDNS poisoner. Author: Laurent Gaffie                                                                            |

| [PumpkinProxy]()                                             | Intercepting HTTP data, this proxy server that allows to intercept requests and response on the fly

| [CaptivePortals]()                                          | Captive-Portal allow the Attacker block Internet access for users until they open the page login page where a password is required before being allowed to browse the web. | 



### Transparent Proxy



![proxy](https://raw.githubusercontent.com/P0cL4bs/WiFi-Pumpkin/master/docs/proxyscenario.png)



Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.



#### Plugins Example Dev



```python

from mitmproxy.models import decoded # for decode content html

from plugins.extension.plugin import PluginTemplate



class Nameplugin(PluginTemplate):

   meta = {

       'Name'      : 'Nameplugin',

       'Version'   : '1.0',

       'Description' : 'Brief description of the new plugin',

       'Author'    : 'by dev'

   }

   def __init__(self):

       for key,value in self.meta.items():

           self.__dict__[key] = value

       # if you want set arguments check refer wiki more info.

       self.ConfigParser = False # No require arguments



   def request(self, flow):

       print flow.__dict__

       print flow.request.__dict__

       print flow.request.headers.__dict__ # request headers

       host = flow.request.pretty_host # get domain on the fly requests

       versionH = flow.request.http_version # get http version



       # get redirect domains example

       # pretty_host takes the "Host" header of the request into account,

       if flow.request.pretty_host == "example.org":

           flow.request.host = "mitmproxy.org"



       # get all request Header example

       self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))

       for name, valur in flow.request.headers.iteritems():

           self.send_output.emit('{}: {}'.format(name,valur))



       print flow.request.method # show method request

       # the model printer data

       self.send_output.emit('[NamePlugin]:: this is model for save data logging')



   def response(self, flow):

       print flow.__dict__

       print flow.response.__dict__

       print flow.response.headers.__dict__ #convert headers for python dict

       print flow.response.headers['Content-Type'] # get content type



       #every HTTP response before it is returned to the client

       with decoded(flow.response):

           print flow.response.content # content html

           flow.response.content.replace('