(Wireless) (RogueAP) (MITM) (Phishing) attack framework
captal is a security auditing and social-engineering research project.
The main goal is to provide the modular constructor for MITM-Phishing attacks. See examples for usage.
- lighttpd
- isc-dhcp-server
- perl-net-dns (and perl itself)
- hostapd
- php-cgi
@ETCDIR@/captal/chkwpa.conf: captal-chkwpa tool configuration@ETCDIR@/captal/dhcpd.conf: dhcp server configuration@ETCDIR@/captal/hostapd.conf: rogue AP configuration@ETCDIR@/captal/lighttpd.conf: phishing server configuration
@RCDIR@/captal: start/stop all captal services in correct order@RCDIR@/captal-prepare: prepare rogue AP interface@RCDIR@/captal-hostapd: start/stop rogue AP server@RCDIR@/captal-dhcpd: start/stop dhcp server@RCDIR@/captal-dnsserv: start/stop dns server@RCDIR@/captal-lighttpd: start/stop phishing server
@BINDIR@/captal-chkwpa: check phished wpa/wpa2 password against sniffed handshakes@BINDIR@/captal-dnsserver: simple and extendable dns server@BINDIR@/captal-gencert: generate self-signed certificate for phishing site
/var/log/messages: dhpcd, captal-dnsserv (info), hostapd, lighttpd/var/log/lighttpd.log: lighttpd/var/log/captal-dnsserv.log: captal-dnsserv (verbose)/var/log/mail: captal-chkwpa successful phished password
@WWWDIR@/captal/sites(screenshots)
The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law.