Fattman Posted December 20, 2012 (edited)

Hi All

Not sure if this is a silly question or not, so please bear with me.

My Pineapple arrived today, which I was very happy about. I have got it set up in my mini lab and wanted to start having a play about with it. I have 'MK4 Karma' enabled, but after booting my victim machine the Pineapple failed to capture the device. My network has WPA2 encryption. Will the Pineapple still be able to get the connection, or must the victim device want to connect to an open network?

After looking at what WiFi APs are about I can see the spoofed SSID of my router, but the victim machine has still connected to my router and not the Pineapple.

Any help would be appreciated!

rgds
Gary

Edited December 20, 2012 by Fattman

NullNull Posted December 20, 2012

Karma responds only to open networks.

Fattman (Author) Posted December 21, 2012

Thanks for the reply!

I watched a webinar with James Lyne from Sophos Security presenting and he had set up a rogue AP which was getting devices to connect to him instead of their preferred APs. It worked the same way as the Pineapple but also had devices which used encryption such as WPA/WPA2 connecting to his rogue AP. Any idea what he would have used to do this?

The reason I am asking is that I study Information Security and would like to do something around WiFi and its vulnerabilities for a dissertation. I will not be doing it until next year, but I am trying to get as much research done now so that I can make a start during the summer break.

Thanks
Gary

stealthkit Posted December 21, 2012

Most people have connected to an open SSID some time or another. Just use "mdk3", or if you want a GUI, the jammer module, and deauth everything except the SSID / MAC address of your Karma interface. This way they are forced *typically* most of the time to go through their saved wireless networks. ;)

Fattman (Author) Posted December 21, 2012

Thanks for the info, will take a look at this now.

rgds
Gary

coolgeek Posted December 21, 2012

The problem with WPA/WPA2 secured connections is that a 4-way handshake takes place, in which both AP and client confirm the key without actually revealing it. Read more about the process here.
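
Added example (not part of the thread or any poster's code): a minimal Python model of the key confirmation that the last post describes, showing that an access point which does not hold the passphrase cannot produce a message 3 MIC the client will accept. The SSID, passphrases, MAC addresses, nonces and frame bytes are constructed, and the frame bodies are stand-ins for real EAPOL-Key frames.

```python
import hashlib
import hmac

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    # WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def derive_kck(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # PTK = PRF(PMK, "Pairwise key expansion", sorted MACs || sorted nonces), HMAC-SHA1 based.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = b""
    for counter in range(3):  # 3 x 20 bytes covers the 48-byte CCMP PTK
        ptk += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([counter]),
                        hashlib.sha1).digest()
    return ptk[:16]  # KCK: the key-confirmation key used for the handshake MICs

def mic(kck: bytes, frame: bytes) -> bytes:
    # WPA2 (key descriptor version 2): HMAC-SHA1 over the frame, truncated to 16 bytes
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def run_handshake(client_passphrase: str, ap_passphrase: str, ssid: str = "HomeNet") -> dict:
    # Constructed values: MACs, nonces and frame bodies are fixed stand-ins, not real captures.
    ap_mac, sta_mac = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = hashlib.sha256(b"anonce").digest(), hashlib.sha256(b"snonce").digest()
    msg2, msg3 = b"EAPOL-Key msg2 " + snonce, b"EAPOL-Key msg3 " + anonce

    client_kck = derive_kck(pmk_from_passphrase(client_passphrase, ssid),
                            ap_mac, sta_mac, anonce, snonce)
    ap_kck = derive_kck(pmk_from_passphrase(ap_passphrase, ssid),
                        ap_mac, sta_mac, anonce, snonce)

    # Message 2: the client's MIC proves to the AP that the client holds the key.
    ap_accepts_client = hmac.compare_digest(mic(client_kck, msg2), mic(ap_kck, msg2))
    # Message 3: the AP's MIC proves to the client that the AP holds the key.
    client_accepts_ap = hmac.compare_digest(mic(ap_kck, msg3), mic(client_kck, msg3))
    return {"ap_accepts_client": ap_accepts_client, "client_accepts_ap": client_accepts_ap}

if __name__ == "__main__":
    print("AP with the passphrase   :", run_handshake("correct horse battery", "correct horse battery"))
    print("AP without the passphrase:", run_handshake("correct horse battery", "not-the-passphrase"))
```

Only the nonces and the MICs cross the air; the passphrase and the derived keys never do, and a client that cannot verify the message 3 MIC does not install keys or complete the association.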