WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack

Monday, August 29, 2016

Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks.

Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5
  • Python 2.7
 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
 cd WiFi-Pumpkin
 ./installer.sh --install
refer to the wiki for Installation

  • Rogue Wi-Fi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Credentials Monitor
  • Transparent Proxy
  • Windows Update Attack
  • Phishing Manager
  • Partial Bypass HSTS protocol
  • Support beef hook
  • Mac Changer
  • ARP Poison
  • DNS Spoof
  • Patch Binaries via MITM

Plugin Description
net-creds Sniff passwords and hashes from an interface or pcap file
dns2proxy This tools offer a different features for post-explotation once you change the DNS server to a Victim.
sslstrip2 Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks based version fork @LeonardoNve/@xtr4nge.
sergio-proxy Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework.
BDFProxy-ng Patch Binaries via MITM: BackdoorFactory + mitmProxy, bdfproxy-ng is a fork and review of the original BDFProxy @secretsquirrel.

Transparent Proxy
Transparent proxies that you can use to intercept and manipulate HTTP/HTTPS traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "Proxy" automatically will be listed on PumpProxy tab.

Plugins Example
The following is a sample module that injects some contents into the tag to set blur filter into body html page:
import logging
from Plugin import PluginProxy
from Core.Utils import setup_logger

class blurpage(PluginProxy):
    ''' this module proxy set blur into body page html response'''
    _name          = 'blur_page'
    _activated     = False
    _instance      = None
    _requiresArgs  = False

    def getInstance():
        if blurpage._instance is None:
            blurpage._instance = blurpage()
        return blurpage._instance

    def __init__(self):
        self.injection_code = []

    def LoggerInjector(self,session):
        setup_logger('injectionPage', './Logs/AccessPoint/injectionPage.log',session)
        self.logging = logging.getLogger('injectionPage')

    def setInjectionCode(self, code,session):

    def inject(self, data, url):
        injection_code = '''<head> <style type="text/css">
        filter: blur(2px);
        -webkit-filter: blur(2px);}
        self.logging.info("Injected: %s" % (url))
        return data.replace('<head>',injection_code )


  • Kali Linux 2.0

  • kubuntu 15.10 

  • Parrot OS

FAQ on the wiki

Subscribe via e-mail for updates!