flame Posted December 12, 2011
Hi everyone. Right, I would like to know of any good ways to get around WPA and WPA2 wifi that does not have any clients on to get the handshake from. I have my own test lab and would love to see if there is a way around the WPA/2 wifi crack if you don't get or have a handshake, or if there are no clients on to kick off. lol thx
Mr-Protocol Posted December 12, 2011
Unless you can get internal network access to possibly attack the access point itself, I would assume impossible. (Edit) reaver-wps
Infiltrator Posted December 12, 2011
Can't be done, unless you deauth a user and get him/her to re-authenticate again to the network.
digip Posted December 12, 2011
Fake Authentication can be used for WEP, but I don't think it works for WPA due to the 4-way handshake; you would just get the fake handshake sent, and no reply from the AP.
jobdone Posted December 12, 2011
The only way I've had access to WPA without a client is because of default passwords (generated via the MAC address) - and those are few and far between (well not quite but..) or if the WPA key is written on the router, a pair of binoculars will help!
alecs321 Posted March 6, 2012
You can easily hack a WEP clientless network, but for a WPA or WPA2 network things are more complicated... you can't do anything if the network hasn't a client, and even if the network has someone logged on you need to have a huge dictionary, and if the pass is in the dictionary it will take a few hours/days until you crack it...
Dioxin Posted March 6, 2012 (edited)
Have you tried the Reaver-WPS weakness? No need for a 4-way for that one. The advantage to this vulnerability is that even if they change the password, the PIN still works. (I've a Netgear router where it's actually impossible to change the 8-digit PIN.)
Jason Cooper Posted March 6, 2012
You could try a simple dictionary attack; if it is a simple/common password being used then it could get you in.
SPoF Posted March 7, 2012
For me, the reaver-weakness is by far the fastest method of the ones proposed. I tried it on our home network, which has a 12-key WPA2 alphanumerical non-semantic pass, and I got in in about 51 mins compared to about 35000 years when brute-forcing it with 2^56 permutations/sec ;)