View Issue Details

IDProjectCategoryView StatusLast Update
0006577Kali Linux[All Projects] Queued Tool Additionpublic2020-09-01 21:36
ReporterMister_X Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status acknowledgedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0006577: WPA Sycophant
Description- [Name] - wpa_sycophant
- [Version] - 1.0
- [Homepage] - https://github.com/sensepost/wpa_sycophant
- [Download] - https://github.com/sensepost/wpa_sycophant/releases/tag/v1.0
- [Author] - Cablethief, Sensepost
- [Licence] - https://github.com/sensepost/wpa_sycophant/blob/v1.0/README
- [Description] - Evil client portion of EAP relay attack
- [Dependencies] - hostapd-mana openssl
- [Similar tools] - hostapd-mana
- [How to install] -
cd wpa_supplicant
make
make install
# Rename wpa_supplicant to wpa_sycophant (AFAIK, no need for any other binary)
# Download https://raw.githubusercontent.com/sensepost/wpa_sycophant/master/wpa_sycophant.sh and replace it in the package (it fixes the cleanup), guessing in /usr/local/sbin
- [How to use] -
Create configuration file:
network={
  ssid="TestingEAP"
  # The SSID you would like to relay and authenticate against.
  scan_ssid=1
  key_mgmt=WPA-EAP
  # Do not modify
  identity=""
  anonymous_identity=""
  password=""
  # This initialises the variables for me.
  # -------------
  eap=PEAP
  phase1="crypto_binding=0 peaplabel=0"
  phase2="auth=MSCHAPV2"
  # Dont want to connect back to ourselves,
  # so add your rogue BSSID here.
  bssid_blacklist=00:14:22:01:23:45
}
---
Run: wpa_sycophant.sh -c wpa_sycophant_example.conf -i wlan0

Activities

g0tmi1k

2020-09-01 21:36

administrator   ~0013363

@kali-team, please could this be packaged up.

Issue History

Date Modified Username Field Change
2020-07-16 01:12 Mister_X New Issue
2020-09-01 21:36 g0tmi1k Status new => acknowledged
2020-09-01 21:36 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-09-01 21:36 g0tmi1k Product Version 2020.2 =>
2020-09-01 21:36 g0tmi1k Note Added: 0013363