Until they enter the password to apply the update, the internet will not work. As soon as they join, an official-looking webpage mentioning their router's manufacturer opens and informs them that the router is undergoing a critical firmware update. After a few more attempts to join the protected network, they join the open network out of concern that their router is suddenly broadcasting a network without a password that anyone can join. That's when they notice a new network, with the same name as the old network, but requiring no password. Other devices are unable to connect to the network as well, and they begin to notice that not just one device, but every Wi-Fi device, has lost connection to the network.
They can still see the network, but every attempt to connect to it immediately fails.
To the target of a social engineering attack, the first signs of Wifiphisher look like a problem with the router. Any user that connects to the evil twin-like open network is served a convincing-looking phishing page demanding the Wi-Fi password to enable a firmware update, which is explained as the reason the Wi-Fi has stopped working. Wifiphisher believes the answer is "yes." The tool can select any nearby Wi-Fi network, de-authenticate all users (jam it), and create a cloned access point that requires no password to join. Instead, tools like Wifiphisher ask questions about the people behind those networks.ĭoes the average user know what their Wi-Fi router's login page looks like? Would they notice if it was different? More importantly, would a busy user, cut off from the internet and stressed out but the disruption, still enter their password to enable a fake update even if they noticed the login page looked a little different? Not knowing how strong the password you're attacking is can be frustrating, because investing the time and processing power involved in a dictionary or brute-force attack can make coming up dry feel like a massive waste of resources.
0 kommentar(er)
