JZL, posted February 6, 2012:

Hi guys. Just got this idea last night, so I didn't have time to check if it is really possible. But here it is:

Device 1 - Is there a "this and this" network around?
Jasager - Here I am, connect to me!

At this point, what if we make Jasager ask for a password for "this and this", would device1 give up the password? In my own little head, I think you could get any password to any wifi, even wpa-psk or wpa2. Just deauth the target and ask the password. Could it be this simple? Tell me what you think?

diggler, posted February 6, 2012 (edited February 6, 2012 by diggler):

That's what aireplay does with the aircrack-ng suite of tools. The only way to crack WPA2 is to capture the handshake after a deauth and bruteforce it.... just use reaver now :)

digininja, posted February 6, 2012:

No, that wouldn't work as the password is never shared; authentication is done based on encrypting random strings called Nonces. I send you one and you encrypt it and send it back, I check that what you sent me matches what I get when I encrypt it. And then vice versa. If we both get what we expect then authentication is successful.

By emulating a WPA(2)-PSK AP it is possible to extract enough information out of the client to perform a brute force attack on the PSK, see my Wifi Honey script and the talk from Vivek that it is based on for more information.

http://www.digininja.org/projects/wifi_honey.php
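
The nonce exchange described in the last post, as an added example that is not part of the thread or of the Wifi Honey script: both sides derive keys from the passphrase and the two nonces, and only nonces and keyed MICs cross the air, so an AP that does not hold the PSK can neither validate the client nor prove itself back. The SSID, MAC addresses, passphrases and frame bodies are constructed placeholders; real EAPOL-Key frames carry more fields.

```python
import hashlib
import hmac
import os

def pmk(passphrase: str, ssid: str) -> bytes:
    # WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def ptk(pmk_: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # 802.11i PRF keyed with the PMK over both MAC addresses and both nonces.
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(4):
        block = b"Pairwise key expansion\x00" + data + bytes([i])
        out += hmac.new(pmk_, block, hashlib.sha1).digest()
    return out[:64]  # the first 16 bytes are the KCK used for the MIC

def mic(ptk_: bytes, frame: bytes) -> bytes:
    # WPA2 MIC: HMAC-SHA1 keyed with the KCK, truncated to 16 bytes.
    return hmac.new(ptk_[:16], frame, hashlib.sha1).digest()[:16]

def handshake(ap_passphrase: str, client_passphrase: str, ssid: str = "ExampleNet"):
    """Simulate messages 1-3; return (ap_accepts, client_accepts, passphrase_on_air)."""
    aa = bytes.fromhex("020000000001")   # constructed AP MAC
    spa = bytes.fromhex("020000000002")  # constructed client MAC
    anonce, snonce = os.urandom(32), os.urandom(32)

    # Message 1 (AP -> client): ANonce in the clear.
    # Message 2 (client -> AP): SNonce plus a MIC keyed from the client's PTK.
    client_ptk = ptk(pmk(client_passphrase, ssid), aa, spa, anonce, snonce)
    msg2 = b"constructed-msg2:" + snonce
    msg2_mic = mic(client_ptk, msg2)

    # The AP derives its own PTK and checks the client's MIC.
    ap_ptk = ptk(pmk(ap_passphrase, ssid), aa, spa, anonce, snonce)
    ap_accepts = hmac.compare_digest(mic(ap_ptk, msg2), msg2_mic)

    # Message 3 (AP -> client): the "vice versa" step, the client checks the AP.
    msg3 = b"constructed-msg3:" + anonce
    msg3_mic = mic(ap_ptk, msg3)
    client_accepts = hmac.compare_digest(mic(client_ptk, msg3), msg3_mic)

    on_air = [anonce, msg2, msg2_mic, msg3, msg3_mic]
    leaked = any(client_passphrase.encode() in part for part in on_air)
    return ap_accepts, client_accepts, leaked

if __name__ == "__main__":
    print("matching PSK :", handshake("correct horse battery", "correct horse battery"))
    print("AP lacks PSK :", handshake("not-the-real-psk", "correct horse battery"))
```

Because every input to the MIC except the passphrase is visible on the air, the strength of the handshake against the offline guessing mentioned above rests on the passphrase itself.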