Mark IV WiFi Impersonating


Yamada Taro

Hi everyone!

I only recently discovered Hak5 and I really like it... lots of interesting stuff going on here!

I already ordered a Mark IV and a Rubber Ducky, and I am still not sure what I will learn from it, but trying is the best teacher imho :)

Can somebody tell me if it is possible to impersonate a WiFi network (WPA/WPA2 encryption, AES or TKIP) IF I know the credentials?

I want to try it in my own WiFi but don't want to disable any encryption for auth...

How can it be done?

Thanks for the answer...

(I crawled the forum but could not find anything so far... I hope I don't ask a question answered already a hundred times.)


You don't need the credentials, the client will connect without needing them.

Yeah, with OpenAuth and as long as I have the WiFi NOT secured... but what if I want clients to connect to my "secured" honeypot WiFi instead of the REAL "secured" WiFi?

I clearly need the SSID and key... and is it possible then?

Edited by Yamada Taro

Care to elaborate on this please :)

Can it be possible in future?

I wonder why it isn't possible...

Thank you for enlightening me!

I am new to this also but have some ideas. For you more advanced users: would it be possible to code a "pseudo-authentication" for the Pineapple that would send a client that is secured by WPA or WEP or WPA2 a fake key, and when the client responds with the encrypted password... Jasager... say, "yep, that's the right password"?

After the initial probe, according to 802.11, it is the router that initiates the connection by sending the client a key; the client then responds with a password that is encrypted, and then the router will either accept or deny access depending on whether the password is correct. Will this be possible?


> Yeah, with OpenAuth and as long as I have the WiFi NOT secured... but what if I want clients to connect to my "secured" honeypot WiFi instead of the REAL "secured" WiFi?
>
> I clearly need the SSID and key... and is it possible then?

You obviously do not understand how this device works. It tells every wireless client that it IS the AP they are looking for. And what would be the point of securing it? It is a honeypot. If you already have the credentials for the AP you would be targeting, you wouldn't need the Pineapple.


> I am new to this also but have some ideas. For you more advanced users: would it be possible to code a "pseudo-authentication" for the Pineapple that would send a client that is secured by WPA or WEP or WPA2 a fake key, and when the client responds with the encrypted password... Jasager... say, "yep, that's the right password"?
>
> After the initial probe, according to 802.11, it is the router that initiates the connection by sending the client a key; the client then responds with a password that is encrypted, and then the router will either accept or deny access depending on whether the password is correct. Will this be possible?

Clients are not secured, the AP is. If a client sends out a probe request looking for a secured AP that it usually connects to, the Pineapple will respond saying that it is that AP. Since the Pineapple is not secured, the client will be able to connect to it anyway (no authentication required). Test it out sometime and you will see that this works; I have tested this against several devices that only connect to WPA2-secured wireless APs and they connect without issue. Not to mention that the client would know that you are not the AP it is looking for when the session handshake fails, if you were to attempt what you are suggesting (it's an encrypted session, you cannot fake this).

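To make the "you cannot fake this" point concrete, here is an added example (not code from this thread, from Hak5 or from the Pineapple project) that walks through the part of the WPA2-PSK 4-way handshake a client uses to decide whether the AP really holds the network key. Both sides derive the pairwise keys from the pre-shared key plus the two nonces, and the client checks the MIC on the AP's third message; an AP that does not know the passphrase derives a different key and its MIC fails. The SSID, passphrase and MAC addresses are constructed values, and the EAPOL frame body is a simplified stand-in; only the PBKDF2, PRF-512 and MIC rules follow the standard.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample values for the demonstration (not taken from the thread).
SSID = "HomeNet-Example"
REAL_PASSPHRASE = "correct horse battery staple"
AP_MAC = bytes.fromhex("02aabbccdd01")      # authenticator address (AA)
CLIENT_MAC = bytes.fromhex("02aabbccdd02")  # supplicant address (SPA)


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: concatenate HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out = b""
    i = 0
    while len(out) < 64:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min/max of the MACs || min/max of the nonces)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def eapol_mic(kck: bytes, frame_mic_zeroed: bytes) -> bytes:
    """EAPOL-Key MIC for WPA2-PSK with CCMP (AKM 2): first 16 bytes of HMAC-SHA1 keyed with the KCK."""
    return hmac.new(kck, frame_mic_zeroed, hashlib.sha1).digest()[:16]


def simulate_handshake(ap_passphrase: str, client_passphrase: str,
                       anonce: Optional[bytes] = None, snonce: Optional[bytes] = None) -> bool:
    """Return True if the client accepts message 3 of the 4-way handshake.

    The AP derives its keys from ap_passphrase (what the AP operator knows), the client
    from client_passphrase (what it has saved for the SSID). The MIC only verifies when
    both sides hold the same PMK, i.e. the same passphrase for this SSID.
    """
    anonce = anonce or os.urandom(32)   # message 1: AP -> client
    snonce = snonce or os.urandom(32)   # message 2: client -> AP (its own MIC is skipped here)

    # AP side: derive PTK, take the KCK (first 16 bytes), sign message 3.
    ap_pmk = pmk_from_passphrase(ap_passphrase, SSID)
    ap_ptk = derive_ptk(ap_pmk, AP_MAC, CLIENT_MAC, anonce, snonce)
    msg3_body = b"EAPOL-Key msg3 (constructed body) " + anonce + b" GTK-placeholder"
    msg3_mic = eapol_mic(ap_ptk[:16], msg3_body)

    # Client side: derive PTK from *its* saved passphrase and verify the MIC in constant time.
    client_pmk = pmk_from_passphrase(client_passphrase, SSID)
    client_ptk = derive_ptk(client_pmk, AP_MAC, CLIENT_MAC, anonce, snonce)
    expected_mic = eapol_mic(client_ptk[:16], msg3_body)
    return hmac.compare_digest(expected_mic, msg3_mic)


if __name__ == "__main__":
    # An AP that knows the passphrase (any router will do) passes; an impostor without it fails.
    print("AP with the real key:", simulate_handshake(REAL_PASSPHRASE, REAL_PASSPHRASE))    # True
    print("AP with a wrong key :", simulate_handshake("guessed-passphrase", REAL_PASSPHRASE))  # False
```

The first call models the original poster's case: with the credentials in hand, the impostor's handshake is indistinguishable from the real AP's, which is why any router would do. The second models the honeypot-without-key case: the MIC never verifies, so the client tears the association down. The Pineapple sidesteps this entirely by never starting a handshake at all; whether a client then joins the open network is a separate decision made by the client's saved profile, not by anything in the key exchange.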

> Clients are not secured, the AP is. If a client sends out a probe request looking for a secured AP that it usually connects to, the Pineapple will respond saying that it is that AP. Since the Pineapple is not secured, the client will be able to connect to it anyway (no authentication required). Test it out sometime and you will see that this works; I have tested this against several devices that only connect to WPA2-secured wireless APs and they connect without issue. Not to mention that the client would know that you are not the AP it is looking for when the session handshake fails, if you were to attempt what you are suggesting (it's an encrypted session, you cannot fake this).

Hmm... ok. I have a lot of testing to do to figure this thing out... my Mark IV is in the mail, thanks.

Can anyone post a link to a "why Jasager works" description? I'm sure they're out there but I can't find any really good "this is what is actually happening behind the scenes" articles. Thanks in advance.


Thanks very much for all the answers, sirs!

I think I understood it now... will get it fully as soon as it is in my mail.

Of course, if I've got the credentials I can use any router for this purpose and I won't need the Pineapple... had a faulty logic here ^^

Thumbs up for clearing that up for me!


> Hmm... ok. I have a lot of testing to do to figure this thing out... my Mark IV is in the mail, thanks.
>
> Can anyone post a link to a "why Jasager works" description? I'm sure they're out there but I can't find any really good "this is what is actually happening behind the scenes" articles. Thanks in advance.

http://hak5.org/episodes/episode-401-wi-fi-pineapples


Thanks, I do need to go back and re-watch some of the old videos... but what I'm really looking for is an in-depth behind-the-scenes look. Something that describes the networking aspects of what's going on, packet-wise and protocol-wise. Thanks everyone.

Networking 101. It's how it was designed to work.

http://www.amazon.com/802-11-Wireless-Networks-Definitive-Edition/dp/0596100523/ref=sr_1_1?ie=UTF8&qid=1334319115&sr=8-1
