Fluxion is a Wi-Fi cracker which attempts to retrieve a Wi-Fi password through a social engineering (phishing) attack. It represents Fluxion is a remake of linset by vk496 with enhanced functionality. Although most of Fluxion’s attacks’ setup is manual, there are some semi-auto options available to aid the user.
/attacks/Captive Portal/sites/directory. “Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for “fair use” for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. “
Fluxion: MITM Wi-Fi Cracker
Fluxion first scans for the target Wi-Fi network. After finding the network, it will launch the ‘Handshake Snooper’ attack where it will attempt to retrieve WPA/WPA2 password hashes (the four-way handshake) for key verification. Subsequently, the ‘Captive Portal’ attack will be launched which will create a rogue network and captive portal. Fluxion will then find the corresponding password when the target enters the correct password into the dummy network.
How It Works (Attack Mechanism)
Fluxion uses two main attack mechanisms, Handshake Snooper and Captive Portal. We will explain both in more details below.
After selecting the target network, the user should use a target interface which supports network mode. This will allow the user system to monitor all traffic on the target network. This will ensure that all successful handshake keys are captured. After this, the user must select one of two methods of attack, passive or aggressive.
Captive Portal Attack
In this attack, the user will have to target the user towards the authentication captive portal. This is basically a login page where the user will be required to enter the password for the Wi-Fi network. Fluxion will then test the password on the original network.
If the password is correct, the user will then be allowed to connect to the original access point, and we will get the WIFI password. However, if the password is incorrect, the clients will be informed of the invalid password and then given the opportunity to enter the correct password.
Before executing this attack, the user must select various options including the target network, wireless network interface to disconnect the clients, network interface to serve the captive portal, location of the verification hash file, whether to serve an SSH/TLS certificate and the user interface for the captive portal.
- Attack WPA/WPA2 password protected networks
- User can attack passively or aggressively depending on conditions
- Simple to install and execute
- Updated weekly with new features, improvements and patches
- Linux -based OS (Kali Linux Rolling + external Wi-Fi card is recommended)
Clone the repo:
$ git clone email@example.com:FluxionNetwork/fluxion.git # Or if you prefer https $ git clone https://www.github.com/FluxionNetwork/fluxion.git
Navigate to the working directory and and run the installation script (dependencies will be installed automatically):
$ cd fluxion $ sudo ./fluxion.sh
On Arch Linux:
$ cd bin/arch $ makepkg
or use the BlackArch repo:
$ pacman -S fluxion
From the Fluxion directory, execute fluxion. You can optionally pass parameters:
or with parameters:
# Kills any processes utilizing wireless interfaces selected. # NOTICE: For a complete list of parameters, read the Flags & Preferences section. ./fluxion.sh -k # Or using legacy flags like below. export FLUXIONWIKillProcesses=1; ./fluxion.sh
|Prints script version & revision.|
|Prints help information.|
|Enables debugging messages & behavior.|
|Kills processes using selected interface (UNSAFE & DISCOURAGED).|
|Reloads the selected interface’s wireless driver.|
|Enables the use of airmon-ng for monitor mode switching, rather than fluxion.|
|Enables the usage of tmux, rather than xterm (currently not implemented).|
|Targets the specified ESSID (requires BSSID, & channel to be specified).|
|Targets the specified BSSID (requires ESSID, & channel to be specified).|
|Targets the specified channel (requires BSSID, & ESSID to be specified).|
|Sets the language to be used for the command line interface.|
|Sets the target to be launched.|
|Sets the xterm windows’ ratio.|
For detailed information and available options for attacks, click on the ‘documentation’ button below.