Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It’s compatible with the latest release of Kali (rolling). Fluxion’s attacks’ setup is mostly manual, but experimental auto-mode handles some of the attacks’ setup parameters. Read the FAQ before requesting issues.

If you need quick help, fluxion is also available on gitter. You can talk with us on Gitter or on Discord.

Read here before you do the following steps.
Download the latest revision

git clone git@github.com:FluxionNetwork/fluxion.git

# Or if you prefer https 

git clone https://www.github.com/FluxionNetwork/fluxion.git

Switch to tool’s directory

cd fluxion 

Run fluxion (missing dependencies will be auto-installed)

./fluxion.sh

Fluxion is also available in arch

cd bin/arch
makepkg

or using the blackarch repo

pacman -S fluxion

Fluxion gets weekly updates with new features, improvements, and bugfixes. Be sure to check out the changelog here.

All contributions are welcome! Code, documentation, graphics, or even design suggestions are welcome; use GitHub to its fullest. Submit pull requests, contribute tutorials or other wiki content — whatever you have to offer, it’ll be appreciated but please follow the style guide.

• Scan for a target wireless network.

• Launch the Handshake Snooper attack.

• Capture a handshake (necessary for password verification).

• Launch Captive Portal attack.

• Spawns a rogue (fake) AP, imitating the original access point.

• Spawns a DNS server, redirecting all requests to the attacker’s host running the captive portal.

• Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.

• Spawns a jammer, deauthenticating all clients from original AP and luring them to the rogue AP.

• All authentication attempts at the captive portal are checked against the handshake file captured earlier.

• The attack will automatically terminate once a correct key has been submitted.

• The key will be logged and clients will be allowed to reconnect to the target access point.

• For a guide to the Captive Portal attack, read the Captive Portal attack guide

Disclaimer

Neither the project nor its developer promote any kind of illegal activity and are not responsible for any misuse or damage caused by this project.
This project is for educational purpose only.
Please do not use this tool on other people’s devices without their permission.
Do not use this tool to harm others.
Use this project responsibly on your own devices only.
It is the end user’s responsibility to obey all applicable local, state, federal, and international laws.

Cloning:
git clone https://github.com/4w4k3/BeeLogger.git
Running:
cd BeeLogger
sudo su
chmod +x install.sh
./install.sh
python bee.py
If you have another version of Python:

python2.7 bee.py
DISCLAIMER:
“DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.” Taken from LICENSE.

PhoneSploit Pro

PhoneSploit with Metasploit Integration.

An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework.

Complete Automation to get a Meterpreter session in One Click

This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android Device in one click if the device has open ADB port TCP 5555.

The goal of this project is to make penetration testing on Android devices easy. Now you don’t have to learn commands and arguments, PhoneSploit Pro does it for you. Using this tool, you can test the security of your Android devices easily.

PhoneSploit Pro can also be used as a complete ADB Toolkit to perform various operations on Android devices over Wi-Fi as well as USB.

Features

v1.0

• Connect device using ADB remotely.
• List connected devices.
• Disconnect all devices.
• Access connected device shell.
• Stop ADB Server.
• Take screenshot and pull it to computer automatically.
• Screen Record target device screen for a specified time and automatically pull it to computer.
• Download file/folder from target device.
• Send file/folder from computer to target device.
• Run an app.
• Install an APK file from computer to target device.
• Uninstall an app.
• List all installed apps in target device.
• Restart/Reboot the target device to System, Recovery, Bootloader, Fastboot.
• Hack Device Completely :
  • Automatically fetch your IP Address to set LHOST.
  • Automatically create a payload using msfvenom, install it, and run it on target device.
  • Then automatically launch and setup Metasploit-Framework to get a meterpreter session.
  • Getting a meterpreter session means the device is completely hacked using Metasploit-Framework, and you can do anything with it.

v1.1

• List all files and folders of the target devices.
• Copy all WhatsApp Data to computer.
• Copy all Screenshots to computer.
• Copy all Camera Photos to computer.
• Take screenshots and screen-record anonymously (Automatically delete file from target device).
• Open a link on target device.
• Display an image/photo on target device.
• Play an audio on target device.
• Play a video on target device.
• Get device information.
• Get battery information.
• Use Keycodes to control device remotely.

v1.2

• Send SMS through target device.
• Unlock device (Automatic screen on, swipe up and password input).
• Lock device.
• Dump all SMS from device to computer.
• Dump all Contacts from device to computer.
• Dump all Call Logs from device to computer.
• Extract APK from an installed app.

v1.3

• Mirror and Control the target device.

v1.4

• Power off the target device.

v1.5

• Scan local network for connected devices to get Target IP Address.

v1.6

• Record Microphone Audio
• Stream Microphone Audio
• Record Device Audio
• Stream Device Audio

Requirements

• python3 : Python 3.10 or Newer
• adb : Android Debug Bridge (ADB) from Android SDK Platform Tools
• metasploit-framework : Metasploit-Framework (msfvenom and msfconsole)
• scrcpy : Scrcpy
• nmap : Nmap

Run PhoneSploit Pro

PhoneSploit Pro does not need any installation and runs directly using python3

PhoneSploit Pro requires Python version 3.10 or above. Please update Python before running the program to meet the requirement.

On Linux / macOS :

Make sure all the required software are installed.

Open terminal and paste the following commands :

git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git

cd PhoneSploit-Pro/

python3 phonesploitpro.py

On Windows :

Make sure all the required software are installed.

Open terminal and paste the following commands :

git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git

cd PhoneSploit-Pro/

1. Download and extract latest platform-tools from here.

2. Copy all files from the extracted platform-tools or adb directory to PhoneSploit-Pro directory and then run :

python phonesploitpro.py

Screenshots

Tutorial

Setting up Android Phone for the first time

• Enabling the Developer Options

1. Open Settings.
2. Go to About Phone.
3. Find Build Number.
4. Tap on Build Number 7 times.
5. Enter your pattern, PIN or password to enable the Developer options menu.
6. The Developer options menu will now appear in your Settings menu.

• Enabling USB Debugging

1. Open Settings.
2. Go to System > Developer options.
3. Scroll down and Enable USB debugging.

• Connecting with Computer

1. Connect your Android device and adb host computer to a common Wi-Fi network.
2. Connect the device to the host computer with a USB cable.
3. Open a terminal in the computer and enter the following command :

adb devices

4. A pop-up will appear in the Android phone when you connect your phone to a new PC for the first time : Allow USB debugging?.
5. Click on Always allow from this computer check-box and then click Allow.
6. Then in the terminal enter the following command :

adb tcpip 5555

7. Now you can connect the Android Phone with the computer over Wi-Fi using adb.
8. Disconnect the USB cable.
9. Go to Settings > About Phone > Status > IP address and note the phone’s IP Address.
10. Run PhoneSploit Pro and select Connect a device and enter the target’s IP Address to connect over Wi-Fi.

Connecting the Android phone for the next time

1. Connect your Android device and host computer to a common Wi-Fi network.
2. Run PhoneSploit Pro and select Connect a device and enter the target’s IP Address to connect over Wi-Fi.

This tool is tested on

•  Ubuntu
•  Linux Mint
•  Kali Linux
•  Fedora
•  Arch Linux
•  Parrot Security OS
•  Windows 11
•  Termux (Android)

All the new features are primarily tested on Linux, thus Linux is recommended for running PhoneSploit Pro. Some features might not work properly on Windows.

Installing ADB

ADB on Linux :

Open terminal and paste the following commands :

• Debian / Ubuntu

sudo apt update

sudo apt install adb

• Fedora

sudo dnf install adb

• Arch Linux / Manjaro

sudo pacman -Sy android-tools

For other Linux Distributions : Visit this Link

ADB on macOS :

Open terminal and paste the following command :

brew install android-platform-tools

or Visit this link : Click Here

ADB on Windows :

Visit this link : Click Here

ADB on Termux :

pkg update

pkg install android-tools

Installing Metasploit-Framework

On Linux / macOS :

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
  chmod 755 msfinstall && \
  ./msfinstall

or Follow this link : Click Here

or Visit this link : Click Here

On Windows :

Visit this link : Click Here

or Follow this link : Click Here

Installing scrcpy

Visit the scrcpy GitHub page for latest installation instructions : Click Here

On Windows : Copy all the files from the extracted scrcpy folder to PhoneSploit-Pro folder.

If scrcpy is not available for your Linux distro like Kali Linux, then you can either manually install it : Manual Guide, or build it with a few simple steps : Build Guide

Installing Nmap

Nmap on Linux :

Open terminal and paste the following commands :

• Debian / Ubuntu

sudo apt update

sudo apt install nmap

• Fedora

sudo dnf install nmap

• Arch Linux / Manjaro

sudo pacman -Sy nmap

For other Linux Distributions : Visit this Link

Nmap on macOS :

Open terminal and paste the following command :

brew install nmap

or Visit this link : Visit this Link

Nmap on Windows :

Download and install the latest stable release : Click Here

Nmap on Termux :

pkg update

pkg install nmap

Disclaimer

• Neither the project nor its developer promote any kind of illegal activity and are not responsible for any misuse or damage caused by this project.
• This project is for educational purpose only.
• Please do not use this tool on other people’s devices without their permission.
• Do not use this tool to harm others.
• Use this project responsibly on your own devices only.
• It is the end user’s responsibility to obey all applicable local, state, federal, and international laws.