zone13.io
-
Posts
5 -
Joined
-
Last visited
zone13.io's Achievements
Newbie (1/14)
-
It can be done.. just need some tweaking with the configs.. Monitor client probes.. create evil twin for the Open WiFi probe.. Assign IP for client.. Wait till Responder snatches the creds, maybe do a couple of de-auths.. Importantly, avoid any DHCP, DNS, HTTP service conflicts.. For the PoC, I wanted to keep it as a simple targeted attack and so off-loaded the router function to an actual wifi router.. It was stable that way.. less tinkering to do..
-
I think you misunderstood my method here b0N3z.. You don't need to plug in the Nano into the USB port... That happens to be the biggest advantage also. If you see the demo videos on 2nd reply, you will see that the machines connect to rogue Ap and give up the creds.
-
Agree. My current setup - TP Link MR3020 + RPi3 Now trying to do it all on a RPi3. This should be pretty straightforward with a Nano since it has a Responder module already.
-
Demo
-
Hi, I have written a blog post on using mubix's discovery to grab AD creds using an Evil twin AP and Responder. https://zone13.io/post/Snagging-credentials-over-WiFi-Part1/ pros: • no physical access required • no driver installations.. I can see that Tetra/Nano has Responder modules but not much info on using it. I don't have a Pineapple handy at the moment to try it out. Anyone care to give this a go on tetra/nano? Happy to answer any queries on working. cheers.
