Features
- Rogue Wi-Fi Access Point
- Deauth Attack Clients AP
- Probe Request Monitor
- DHCP Starvation Attack
- Credentials Monitor
- Transparent Proxy
- Windows Update Attack
- Phishing Manager
- Partial Bypass HSTS protocol
- Support beef hook
- ARP Poison
- DNS Spoof
- Patch Binaries via MITM
- Karma Attacks (support hostapd-mana)
- LLMNR, NBT-NS and MDNS poisoner (Responder)
- Pumpkin-Proxy (ProxyServer (mitmproxy API))
- Capture images on the fly
Plugins
| Plugin | Description |
|---|---|
| Dns2proxy | This tools offer a different features for post-explotation once you change the DNS server to a Victim. |
| Sstrip2 | Sslstrip is a MITM tool that implements Moxie Marlinspike’s SSL stripping attacks based version fork @LeonardoNve/@xtr4nge. |
| Sergio_proxy | Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework. |
| Patch Binaries via MITM: BackdoorFactory + mitmProxy, bdfproxy-ng is a fork and review of the original BDFProxy @secretsquirrel. | |
| Responder an LLMNR, NBT-NS and MDNS poisoner. Author: Laurent Gaffie |
Installation
git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
cd WiFi-Pumpkin
./installer.sh –install
Changelog Version 0.8.5
————-
– added new plugin TCP-Proxy
– added capture image HTTP request (Tab ImageCap)
– added new HTTP-request widgets get info from Headers requests
– added new columm (url) on HTTP-Authentication
– added now WF allow to start without internet connection
– added option that exclude USB card on start
– added support to use 2 wireless cards #211
– remove netcreds plugin thks for all DanMcInerney
– added Python DNS Server improvements #165
– added new style in progressbar on home
– fixed possible bug when start AP with interface wlanx
– fixed exit app when exclude USB adapter
– fixed Network-ManagerUI again
– fixed error: iptables Bad argument
– added option for check network connection Tab->Settings
– fixed error TCP-Proxy plugin imageCap #218
– fixed possible error [Errno 2] No such file or directory #217
– fixed replace bs4 to BeautifulSoup #228
– fixed argument for ‘s’ must be a string #232 thanks @okazymyrov
– fixed IndexError: Layer [Raw] not found #234
– added option for restore NM USB adpater after app closed #239
– moved option settings -> Menu File
– fixed hide error sslstrip exceptions.RuntimeError
– fixed [Errno socket error] [Errno -2] Name or service not known #252
– fixed control lock/unlock plugins tabs when changes options
– fixed PhishingManager error when try shutdown httpd server
– fixed Windows UpdateFake modules
– fixed check return is NoneType from function get_interface_mac
– fixed No such file or directory: ‘settings/dhcpd.conf’ #266
– fixed Wireless Deauth module scan network with airodump-ng
– added plugin PumpkinProxy: disable browser caching, cache-control in HTML
– added constants into a separate module [more modular design]
– fixed pumpking-proxy all plugins inject page #272
– fixed issue #273
– fixed function get ipaddress by interface
– added new colorQListWidget [hover, selection]
– added new design Qtableview for default theme
– added hostapd option BSSID configuration [Settings TAB]
– added show security password type option [Settings TAB]
– fixed dhcpserver exception try get hostname device #277
– fixed set border just table home in default theme
– added Qapplication: allow only one instance of WP to run
– fixed dhcpd server error can’t read file or directory
– removed monitors views [dns2proxy,urlcreds,credentials]
– added dashboard infor [uptime,threads,AP info] in tab home
– added more code organization in file main.py
– fixed bug not working as expected #279
– fixed small bug with Table when add new users
– added new icon WiFi-Pumpkin
– fixed group all object PyQt4 QtGui,QtCore
– fixed except when try import QtGui
– fixed detect if range ip class is same the [DHCP Server] #285
– fixed import QtGui thanks @Brain2000 #282
– fixed redirect Traffic from all domain [dns spoof] #296
– added run WP without mitmproxy packager #309
– fixed cryptography kali 2017.3 thanks @yudevan #315
– fixed import Queue module from multiprocessing #357