In previous tutorials, I have shown how to crack WEP, WPA2, and WPS, but some people have complained that cracking WPA2 takes too long and that not all access points have WPS enabled (even though quite a few do).

To help out in these situations, I present to you an almost surefire way to get a Wi-Fi password without cracking—Wifiphisher.

Please do NOT post questions on why it doesn't work until you check if your wireless adapter can do packet injection. Notice at the bottom of my example that it has discovered the network "wonderhowto." That is the network we will be attacking.

The idea here is to create an evil twin AP, then de-authenticate or DoS the user from their real AP. When they re-authenticate to your fake AP with the same SSID, they will see a legitimate-looking webpage that requests their password because of a "firmware upgrade." When they provide their password, you capture it and then allow them to use the evil twin as their AP, so they don't suspect a thing.

To sum up, Wifiphisher takes the following steps:

Similar scripts have been around for a while, such as Airsnarf, but this new Wifiphisher script is more sophisticated.
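From the network owner's side, the technique described above leaves two observable signals: a second AP advertising your SSID, and a burst of de-authentication frames aimed at your real AP. The following is an added example, not part of the original tutorial or of Wifiphisher, that correlates the two; the frame record layout, the AP inventory, the MAC addresses and the thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Hypothetical inventory of your own APs: SSID -> allowed BSSIDs and expected security.
KNOWN_APS = {"wonderhowto": {"bssids": {"aa:bb:cc:00:00:01"}, "security": "WPA2"}}

def make_sample_frames():
    """Constructed management-frame observations (not a real capture)."""
    legit, rogue = "aa:bb:cc:00:00:01", "de:ad:be:ef:00:02"
    frames = [
        {"t": 0.0, "type": "beacon", "ssid": "wonderhowto", "bssid": legit, "security": "WPA2"},
        {"t": 5.0, "type": "beacon", "ssid": "wonderhowto", "bssid": rogue, "security": "OPEN"},
        {"t": 40.0, "type": "deauth", "bssid": "aa:bb:cc:00:00:09"},  # lone deauth, benign
    ]
    # Burst of de-authentication frames naming the legitimate BSSID.
    return frames + [{"t": 6.0 + i * 0.1, "type": "deauth", "bssid": legit} for i in range(30)]

def rogue_beacons(frames, known=KNOWN_APS):
    """Beacons advertising a known SSID from an unlisted BSSID or with other security."""
    hits = []
    for f in frames:
        ap = known.get(f.get("ssid")) if f["type"] == "beacon" else None
        if ap is None:
            continue
        reasons = [name for name, bad in (
            ("unknown BSSID", f["bssid"] not in ap["bssids"]),
            ("security mismatch", f["security"] != ap["security"])) if bad]
        if reasons:
            hits.append((f["ssid"], f["bssid"], reasons))
    return hits

def deauth_bursts(frames, window=5.0, threshold=20):
    """BSSIDs named in >= threshold deauth frames inside any span of `window` seconds."""
    times = defaultdict(list)
    for f in frames:
        if f["type"] == "deauth":
            times[f["bssid"]].append(f["t"])
    flagged = set()
    for bssid, ts in times.items():
        ts.sort()
        # Frame i and frame i+threshold-1 lying within `window` means a burst.
        if any(hi - lo <= window for lo, hi in zip(ts, ts[threshold - 1:])):
            flagged.add(bssid)
    return flagged

def evil_twin_alerts(frames, known=KNOWN_APS):
    """SSIDs showing both signals: a rogue beacon and a deauth burst on a real BSSID."""
    bursts = deauth_bursts(frames)
    return sorted({ssid for ssid, _, _ in rogue_beacons(frames, known)
                   if known[ssid]["bssids"] & bursts})
```

Requiring both signals keeps a single roaming-related de-authentication, or a neighbour who happens to reuse the SSID, from raising the combined alert on its own.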

