UPDATE: Wifiphisher v1.3!

An older post describing Wifiphisher can be found here. Recently an update was made to the open source tool that helps you execute speedy and automated phishing attacks against wireless networks. Most notably, this new release includes the Lure10 attack – a novel way for associating automatically with any device that is within range running the latest Windows.


The author did a presentation at the HITBSecConf Amsterdam 2017 and it’s related slides titled – “Lure10: Exploiting Windows Automatic Wireless Association Algorithm” can be found here.

What’s new in Wifiphisher v1.3?

  • Introduced --quitonsuccess (-qS) option.
  • Introduced Travis CI.
  • Install pylint in Travis.
  • Web server migration to Tornado. Fixes various bugs and increases performance.
  • Remove DNS leases after the script restarts.
  • Introduced --internetinterface (-iI) option to provide internet connectivity to victims.
  • Added support for iOS and Android to our network manager imitation template.
  • Introduced a new de-authentication module.
  • Introduced a new recon module, including new features in target AP selection phase.
  • Code refactoring including a more modular design.
  • Introduced access point module serving as a hostapd wrapper.
  • Introducing Lure10, an attack for automatic association against Windows devices.

So now, you can run the latest build with a --lure10-exploit LURE10_EXPLOIT command line option to fool the Windows Location Service of nearby Microsoft Windows users to believe it is within an area that was previously captured with --lure10-capture. Also, --internetinterface does NOT work with wireless interfaces. As of now, it works with wired interfaces only!

Download Wifiphisher v1.3:

wifiphisher-1.3.zip/wifiphisher-1.3.tar.gz can be downloaded here.