image
by Gabriel Ryan ( s0lst1c3 )(gryan[at]specterops.io) EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate just how fast this tool is, our Quick Start section provides an example of how to execute a credential stealing evil twin attack against a WPA/2-EAP network in just commands. Quick Start Guide (Kali) Begin by cloning the eaphammer repo using the following command: git clone https://github.com/s0lst1c3/eaphammer.git Next run the kali-setup file as shown below to complete the eaphammer setup process. This will install dependencies and compile the project: ./kali-setup To setup and execute a credential stealing evil twin attack against a WPA/2-EAP network: # generate certificates ./eaphammer –cert-wizard # launch attack ./eaphammer -i wlan0 –channel 4 –auth wpa-eap –essid CorpWifi –creds Usage and Setup Instructions For complete usage and setup instructions, please refer to the project's wiki page: https://github.com/s0lst1c3/eaphammer/wiki Features Steal RADIUS credentials from WPA-EAP and WPA2-EAP networks. Perform hostile portal attacks to steal AD creds and perform indirect wireless pivots Perform captive portal …