EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate just how fast this tool is, our Quick Start section provides an example of how to execute a credential stealing evil twin attack against a WPA/2-EAP network in just commands.
EAPHammer (the "Software") and associated documentation is provided “AS IS”. The Developer makes no other warranties, express or implied, and hereby disclaims all implied warranties, including any warranty of merchantability and warranty of fitness for a particular purpose. Any actions or activities related to the use of the Software are the sole responsibility of the end user. The Developer will not be held responsible in the event that any criminal charges are brought against any individuals using or misusing the Software. It is up to the end user to use the Software in an authorized manner and to ensure that their use complies with all applicable laws and regulations.
Begin by cloning the eaphammer repo using the following command:
git clone https://github.com/s0lst1c3/eaphammer.git
Next run the kali-setup file as shown below to complete the eaphammer setup process. This will install dependencies and compile the project:
To setup and execute a credential stealing evil twin attack against a WPA/2-EAP network:
# generate certificates
# launch attack
./eaphammer -i wlan0 --channel 4 --auth wpa-eap --essid CorpWifi --creds
EAPHammer now supports WPA/2-PSK along with WPA handshake captures.
EAPHammer now supports rogue AP attacks against OWE and OWE-Transition mode networks.
EAPHammer now supports 802.11w (Protected Management Frames), Loud Karma attacks, and Known Beacon attacks (documentation coming soon).
EAPHammer will now automatically attempt a GTC Downgrade attack against connected clients in an attempt to capture plaintext credentials (see: www.youtube.com/watch?v=-uqTqJwTFyU).
EAPHammer's Cert Wizard has been expanded to provide users with the ability to create, import, and manage SSL certificates in a highly flexible manner. Cert Wizard's previous functionality has been preserved as Cert Wizard's Interactive Mode, which uses the same syntax as previous versions. See XIII - Cert Wizard for additional details.
EAPHammer now uses a local build of libssl that exists independently of the systemwide install. This local version is compiled with support for SSLv3, allowing EAPHammer to be used against legacy clients without compromising the integrity of the attacker's operating system.
Contributions are encouraged and more than welcome. Please attempt to adhere to the provided issue and feature request templates.
Download Eaphammer v1.9.0: https://github.com/s0lst1c3/eaphammer
The recent pandemic was unexpected and unknown to most part of the world. It has changed our life and we are slowly adapting to our new lifestyle. The risks associated with the new lifestyle, both personal & corporate, are unknown to most of us.Read Details