Jump to content

Recommended Posts

Posted (edited)

Hi All

Not sure if this is a silly question or not, so please bare with me.

My Pineapple arrived today which i was very happy about. I have got it set up in my mini lab and wanted to start having a play about with it.

I have 'MK4 Karma' enabled but after booting my vicitim machine the Pineapple failed to capture the device.

My network has WPA2 Enrcyption. Will the Pineapple still be able to get the connection or must the victim device want to connect to a open network?

After looking at what wifi APs are about i can see the spoofed SSID of my router, but the victim machine has still connected to my router and not the Pineapple.

Any help would be appreciated!

rgds

Gary

Edited by Fattman
Posted

thanks for the reply!

I watched a webinar with James Lyne from Sophos Security presenting and he had set up a rogue AP which was getting devices to connect to him instead of their preferred APs. It worked the same way as the Pineapple but also had devices which used encryption such as WPA/WPA2 connecting to his rogue AP. Any idea what he would of used to do this?

Reason i am asking is that i study Information Security and would like to do something around Wifi and its vulnerabilities for a dissertation. Will not be doing it until next year, but trying to get as much research done now so that i can make a start during the summer break.

Thanks

Gary

Posted

Most people have connected to an open SSID some time or another. Just use "mdk3" or if you want GUI the jammer module and deauth everything except the SSID / mac-address of your Karma interface. This way they are forced *typically* most of the time to go through their saved wireless networks. ;)

Posted

The problem with WPA/WPA2 secured connections is that a 4-way handshake takes place, in which both AP and client confirm the key without actually revealing it. Read more about the process Here.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...