Jump to content

Instead Of Wpa Attack, Could You...


Sterbehilfe

Recommended Posts

I'm curious.

instead of attempting to crack WPA, couldn't you set up wifi pineapple,

then deauthenticate the user, then when they attempt to reconnect to their router

they connect to your pineapple instead.

need to somehow get them to connect your pineapple instead of the router,

which i'm not sure how you would go about this bit.

I haven't got a pineapple, so i can't test it, but whats are your thoughts?

its my first post, be nice if this was a stupid question.

Link to comment
Share on other sites

That could only work if 1) The device connecting to the WPA network will "dumb-down" it's connection to unsecured. And 2) If your pineapple has a stronger signal to the device.

I have only heard of devices that would lower the security to connect to a network. I do not actually know of any devices that do this, so chances are what you would like to attempt is not possible.

Link to comment
Share on other sites

By default the Pineapple will respond to any device "probing" to connect and answer as the probed device. However, you need to be damn close to the target to really get them on the pineapple, as the real router will also see the probe and answer for the 4 way handshake.

You would probably have to overpower the other routers signal. On top of that, it will more than likely fail to connect, since most peoples connection settings will be stored for their WPA keys, depending on what they were using, and more than likely it will ignore the pineapple since it will default to WPA and not receive the handshake from the pineapple.

Only way to know for sure, is try it yourself and check the results. Report back what you find though. I'd like to know what happens when you MITM a WPA handshake and if Windows or whatever OS is at the other end, will "dumb down" as Mr-Protocol puts it and try to default back to no authentication. It shouldn't, but I have no way of testing it from here to confirm that and I wouldn't be surprised that Windows XP vs Vista, vs 7 all do something different in the process.

Link to comment
Share on other sites

I dont think you can MITM a WPA handshake due to checksum. Basically if you don't know the key, you don't get a full handshake.

Yeah, I wasn't saying MITM to get WPA handshake or anything like that. I meant stepping in between the client and the intended router and intercepting the connection, and if it would "dumb-down" like you said, which I don't think it will do automatically. Once you save the WPA key, its going to want to do the handshake, and if that process doesn't happen, I think it will just drop the connection and ignore the pineapple. Testing this though would be the only way to say one way or the other though and every OS might handle it differently. Edited by digip
Link to comment
Share on other sites

thanks for the replies, perhaps i didn't have a clear understanding of the pineapple, am i right in saying

its ideal for the network they usually connect to, isn't there at all and when the target first turns on

their pc/laptop.

I still think it's a neat idea, just be better if it were possible

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...