Wifi Pineapple Alternative – FruityWifi

FruityWifi is an open source tool to audit / intercept wireless networks alternative to Wifi Pineapple. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it. Initially the application was created to be used with the Raspberry-Pi, but it can be installed on any Debian based system.

FruityWifi is based on modules making it more flexible. These modules can be installed from the control panel to provide FruityWifi with new functionalities.

  • Within the available modules you can find URLsnarf, DNSspoof, Kismet, mdk3, ngrep, nmap, Squid3 y SSLstrip (code injection functionality), Captive Portal, AutoSSH, Meterpreter, Tcpdump and more.
  • AutoSSH allows the user to create a reverse ssh connection, restarting it in case that the connection has been closed or dropped. It is useful to keep a permanent connection with FruityWifi.
  • Meterpreter is an outstanding tool to gather information from a compromised host, manipulate system processes and/or kill them, and more. This module allows FruityWifi to compromise more hosts and use them to access more devices and networks.
  • Nessus is a vulnerability scanner. With this module it is possible to scan hosts from FruityWifi without using the Nessus interface. We can discover the vulnerabilities present on each of the hosts to understand the attack surface and compromise them.
  • Among the new features FruityWifi now supports Mobile Broadband (3G/4G). We can use this module to connect a 3G/4G dongle and give internet access to FruityWifi without the need of Wifi or Ethernet.
  • The main function of Tcpdump is to analyze network traffic. With this module we can intercept the traffic passing through the device, filter it and/or store it for post analysis.
  • Ettercap is a tool able to capture network traffic and perform different attacks. With this module we can perform MITM attacks using ARP poisoning.

url: http://localhost/FruityWifi/
user: admin
pass: admin

Services

  • Wireless: Start|Stop wireless access point. (hostapd)
  • Supplicant: Connects to the internet using a wireless interface
  • Karma: REF: http://www.digininja.org/karma/
  • URL Snarf: Start|Stop urlsnarf
  • URL Spoof: Start|Stop urlsnarf
  • Kismet: Start|Stop kismet
  • Squid: Start|Stop squid3
  • sslstrip: Start|Stop sslstrip
  • Interfaces/IP List of interfaces and IPs assigned
  • Stations List of hosts connected
  • DHCP List of IPs assigned to the connected hosts

Interfaces:

  • Internet: Use these interfaces to connect to the internet (eth|wlan)
  • Wifi: Use these interfaces as access point (hostapd|karma)
  • Extra: Use these interfaces for extra features like Kismet
  • Supplicant:Use this interface to connect internet through wireless. Note: use a different interface as for Wifi interface

Wifi Setup:

  • Open | Secure: Select an Open or Secure access point. (Secure access point requires a passphrase)
  • Change SSID: Change the SSID name
  • passphrase: Passphrase for the Secure access point option

WPA Supplicant:

  • supplicant_ssid: SSID of the access point to connect through wireless (internet)
  • supplicant_psk: pass of the access point to connect through wireless (internet)

DNS Spoof:

  • configuration file for dnsspoof

Password:

  • change the admin password

Modules

External modules can be added from the menu option Modules

Nmap Module Interface

DNS Spoof Module Interface

Current external modules

module nmap
module dnsspoof
module sslstrip
module urlsnarf

Install Script

Note: you need to download the master.zip file.

  • You need Debian (or based) installed (or a Live CD version) to use this script.
  • Download the zip file from here.
  • Unzip the file and run install-FruityWifi.sh (This script will install all the dependencies and setups)
  • Done.

x86/x64 Version:

#!/bin/bash

# squid3
# dnsmasq
# nmcli (new version)
# network-manager (new version)
# karma-hostapd
# sslstrip
# dnsspoof
# urlsnarf

find FruityWifi -type d -exec chmod 755 {} \;
find FruityWifi -type f -exec chmod 644 {} \;

mkdir tmp-install
cd tmp-install

apt-get update

# DEP HOSTAPD-KARMA
apt-get -y install libnl1
apt-get -y install libnl-dev
apt-get -y install libssl-dev

# INSTALL HOSTAPD-KARMA
#wget http://www.digininja.org/files/hostapd-1.0-karma.patch.bz2
wget http://www.digininja.org/files/hostapd-1.0-karma.tar.bz2

bunzip2 hostapd-1.0-karma.tar.bz2
tar xvf hostapd-1.0-karma.tar
cd hostapd-1.0-karma/hostapd
make
cp hostapd /usr/sbin/karma-hostapd
cp hostapd_cli /usr/sbin/karma-hostapd_cli
cd ../../

# INSTALL SQUID3
apt-get -y install squid3

# INSTALL DNSMASQ
apt-get -y install dnsmasq

# INSTALL GPSD
apt-get -y install gpsd
apt-get -y install gpsd-clients

# DEP NETWORK-MANAGER
apt-get -y install wireless-tools
apt-get -y install libiw-dev
apt-get -y install libpackagekit-glib2-12
apt-get -y install libdbus-glib-1-dev
apt-get -y install libpackagekit-glib2-14
apt-get -y install libpackagekit-glib2-dev
apt-get -y install libgudev-1.0-dev
#apt-get -y install libnl-dev
apt-get -y install uuid-dev
apt-get -y install uuid
apt-get -y install nss
apt-get -y install libnss-db
apt-get -y install libnss3-dev
apt-get -y install ppp-dev
apt-get -y install intltool
apt-get -y install libgudev-1.0-dev
apt-get -y install libnl-3-dev
apt-get -y install libnl-route-3-dev
apt-get -y install libnl-genl-3-dev
#apt-get -y install libnl1 libnl-dev

# INSTALL NTWORK-MANAGER 0.9.8.4
#wget http://ftp.gnome.org/pub/GNOME/sources/NetworkManager/0.9/NetworkManager-0.9.8.4.tar.xz
#tar xvf NetworkManager-0.9.8.4.tar.xz
#cd NetworkManager-0.9.8.4

wget http://ftp.gnome.org/pub/GNOME/sources/NetworkManager/0.9/NetworkManager-0.9.8.8.tar.xz
tar xvf NetworkManager-0.9.8.8.tar.xz
cd NetworkManager-0.9.8.8

./configure
make
make install
#cp cli/src/nmcli /usr/bin/nmcli
cd ../

# APACHE2 SETUP
cd ../
cp -a FruityWifi /
ln -s /FruityWifi/www /var/www/FruityWifi
ln -s /FruityWifi/logs /var/www/FruityWifi/logs
mkdir /var/www/tmp
chown www-data.www-data /var/www/tmp
chmod 777 /var/www/tmp
chmod 755 /FruityWifi/squid.inject/poison.pl
cp -a /FruityWifi/www.site /var/www/site
chown -R www-data.www-data /var/www/site
chmod 777 /var/www/site/data.txt
chmod 777 /var/www/site/inject/data.txt

#mkdir /FruityWifi/logs/kismet
#mkdir /FruityWifi/logs/sslstrip

# BIN
cd /FruityWifi/www/bin/
gcc danger.c -o danger
chmod 4755 danger

/etc/init.d/apache2 start

echo “ENJOY!”
echo “”

New modules are being developed continuously and can be installed from the modules page.

Other Tutorials:

 

 

Manny Cuevas

My name is Manny Cuevas a Security Researcher / Engineer for about 15 years that focuses on Web and Mobile applications and other platforms from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top ranked hacker in the world that bypass all security systems.

 

Leave a Reply

Your email address will not be published. Required fields are marked *