With the tool WiFi Pumpkin you will be able to spy on your own WiFi network or to which you are connected, by means of an attack type MiTM (Man in The Middle). That is, you will be able to access the traffic that passes through the network to be able to spy on everything that is being transferred through it. This can be used for illegal purposes, but also to audit what is happening on your network.
In this tutorial You will learn to use this tool to be able to capture everything that is transferred from or to any of the devices that are connected to that same WiFi network. Some cybercriminals use it to get private information from victims, using passwordless WiFi hotspots so people can fall for it and connect to public WiFi.
What is WiFi Pumpkin
WiFi Pumpkin it is nothing more than a framework whose purpose is to create fake networks while forwarding traffic from the target to it. You will see below that it has many features, since it is also a fairly complete option when performing security audits of a WiFi.
- Rogue Wi-Fi access point
- Deauth Attack Clients AP
- Probe request monitor
- DHCP starvation attack
- Credential monitor
- Transparent proxy
- Windows Update Attack
- Phishing manager
- HSTS protocol partial bypass
- Support meat hook
- ARP Poison
- DNS Spoof
- Patch binaries via MITM (BDF-Proxy)
- Poisoner LLMNR, NBT-NS and MDNS (Answering Service)
- Pumpkin-Proxy (ProxyServer (API mitmproxy))
- Capture images on the go
- TCP-Proxy (with scapy)
- Modulated plugins and proxies
- Wireless modes support hostapd-mana / hostapd-karma attacks
The first are the hardware requirements, it is necessary to have a network adapter with the possibility of connecting via Ethernet cable (RJ-45) to your WiFi router. If you already have that set up, you can continue with the following …
To be able to use WiFi Pumpkin you will only need a GNU / Linux distro, either installed on your physical machine, in a virtual machine or using a Live to avoid installing this one. You can use any of them, also those intended for hackning and security audits such as WiFiSlax, Kali Linux, etc.
Download WiFi Pumpkin
Access the following link where you can download the source code of WiFi Pumpkin from GitHub to copy it to your system or clone it. You must have Python 2.7 installed on your Operating System.
How to use WiFi Pumpkin to spy on WiFi network
If you have followed the steps above, you will have seen that the graphical interface of WiFi Pumpkin has been opened. In it you will be able to carry out all the operations and analysis of the traffic of your WiFi network.
The steps that follow are:
- Choose the network adapter where you have connected the network cable.
- Select the SSID you want for your network or the one you are auditing. It is the visible name of the network, the one that appears when you try to connect to it.
- Leave the other fields as is unless you need a specific change. Press Start to get it started.
- After that, a new WiFi zone has been created to which devices within coverage can connect.
- As soon as a device connects to the network, its details will start to appear on the screen. If it doesn’t appear automatically go to Tools> Active Driftnet.
- Now they will begin to send screenshots of any connected device to be able to see what they are doing.
Obviously, the tool is much more complex and allows many more parameters, but this is the basic use.
Other related guides: