Wireless Attacks

FruityWifi – Open Source Tool to Audit Wireless Networks

FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it.

Initialy the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system. adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq.

FruityWifi v2.1 has many upgrades. A new interface, new modules, Realtek chipsets support, Mobile Broadband (3G/4G) support, a new control panel, and more.

fruitywifi

 

FruityWifi is based on modules making it more flexible. These modules can be installed from the control panel to provide FruityWifi with new functionalities.

Within the available modules you can find URLsnarf, DNSspoof, Kismet, mdk3, ngrep, nmap, Squid3 y SSLstrip (code injection functionality), Captive Portal, AutoSSH, Meterpreter, Tcpdump and more.

AutoSSH allows the user to create a reverse ssh connection, restarting it in case that the connection has been closed or dropped. It is useful to keep a permanent connection with FruityWifi.

is based on modules making it more flexible. These modules can be installed from the control panel to provide FruityWifi with new functionalities.

Within the available modules you can find URLsnarf, DNSspoof, Kismet, mdk3, ngrep, nmap, Squid3 y SSLstrip (code injection functionality), Captive Portal, AutoSSH, Meterpreter, Tcpdump and more.

AutoSSH allows the user to create a reverse ssh connection, restarting it in case that the connection has been closed or dropped. It is useful to keep a permanent connection with FruityWifi.
Meterpreter is an outstanding tool to gather information from a compromised host, manipulate system processes and/or kill them, and more. This module allows FruityWifi to compromise more hosts and use them to access more devices and networks.

Nessus is a vulnerability scanner. With this module it is possible to scan hosts from FruityWifi without using the Nessus interface. We can discover the vulnerabilities present on each of the hosts to understand the attack surface and compromise them.

Among the new features FruityWifi now supports Mobile Broadband (3G/4G). We can use this module to connect a 3G/4G dongle and give internet access to FruityWifi without the need of Wifi or Ethernet.
The main function of Tcpdump is to analyze network traffic. With this module we can intercept the traffic passing through the device, filter it and/or store it for post analysis.
Ettercap is a tool able to capture network traffic and perform different attacks. With this module we can perform MITM attacks using ARP poisoning.

FruityWifi Version 2.1 Changelog:

  • Hostapd Mana support has been added
  • Phishing service has been replaced by phishing module
  • Karma service has been replaced by karma module
  • Sudo has been implemented (replacement for danger)
  • Logs path can be changed
  • Squid dependencies have been removed from FruityWifi installer
  • Phishing dependencies have been removed from FruityWifi installer
  • New AP options available: hostapd, hostapd-mana, hostapd-karma, airmon-ng
  • Domain name can be changed from config panel
  • New install options have been added to install-FruityWifi.sh
  • Install/Remove have been updated

 

FruityWifi Videos

FruityWifi + Raspberry Pi + adafruit 16×2 lcd + keypad

Download FruityWifi at Github Repository

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply