Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked Eaphammer


0x1

Recommended Posts

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

 

This is the hidden content, please

 

eaphammer

=========

 

by Gabriel Ryan

 

Overview

--------

 

EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate how fast this tool is, here's an example of how to setup and execute a credential stealing evil twin attack against a WPA2-TTLS network in just two commands:

 

# generate certificates

./eaphammer --cert-wizard

 

# launch attack

./eaphammer -i wlan0 --channel 4 --auth ttls --wpa 2 --essid CorpWifi --creds

 

 

Features

--------

 

- Steal RADIUS credentials from WPA-EAP and WPA2-EAP networks.

- Perform hostile portal attacks to steal AD creds and perform indirect wireless pivots

- Perform captive portal attacks

- Built-in Responder integration

- Support for Open networks and WPA-EAP/WPA2-EAP

- No manual configuration necessary for most attacks.

- No manual configuration necessary for installation and setup process

 

Upcoming Features

-----------------

 

- Perform seemeless MITM attacks with partial HSTS bypasses

- Support attacks against WPA-PSK/WPA2-PSK

- Support for SSID cloaking

- Generate timed payloads for indirect wireless pivots

- Integrated PowerShell payload generation

- impacket integration for SMB relay attacks

- directed rogue AP attacks (deauth then evil twin from PNL, deauth then karma + ACL)

- Updated hostapd-wpe that works with the latest version of Hostapd

- Integrated website cloner for cloning captive portal login pages

- Integrated HTTP server

 

Will this tool ever support Karma attacks?

 

- At some point yes, but for now the focus has been on directed evil twin attacks.

- If Karma attacks are like a wireless grenade launcher, this tool is more like an easy-to-use wireless sniper rifle

 

 

Download & Source : [HIDE-THANKS]

This is the hidden content, please

[/HIDE-THANKS]

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.