WhiteHatED Posted May 27, 2014 Share Posted May 27, 2014 Hello hak5 forums, I recently bought a wifi pineapple and fell in love with the karma feature. I'm wondering if it's possible to not only force people to connect but also request a password for the network that karma is impersonating. What are your thoughts? Quote Link to comment Share on other sites More sharing options...
Oli Posted May 27, 2014 Share Posted May 27, 2014 Short answer: not really Long answer: you could try and use social engineering to get the user to enter some information/passwords. Auto-connect is only going to work for open networks. If they manually try to connect to a spoofed open network named after a secured network you might be able to show them a captive portal asking for a password to for that network. Not going to fool many people though. Quote Link to comment Share on other sites More sharing options...
WhiteHatED Posted May 27, 2014 Author Share Posted May 27, 2014 Short answer: not really Long answer: you could try and use social engineering to get the user to enter some information/passwords. Auto-connect is only going to work for open networks. If they manually try to connect to a spoofed open network named after a secured network you might be able to show them a captive portal asking for a password to for that network. Not going to fool many people though. Short answer: not really Long answer: you could try and use social engineering to get the user to enter some information/passwords. Auto-connect is only going to work for open networks. If they manually try to connect to a spoofed open network named after a secured network you might be able to show them a captive portal asking for a password to for that network. Not going to fool many people though. Okay. Does that mean that the computer has some type of authentication before it will send the AP a password? Quote Link to comment Share on other sites More sharing options...
digininja Posted May 27, 2014 Share Posted May 27, 2014 What type of password are you thinking about? Captive portal, e.g. login to hotel wifi with billing to room or WEP/WPA password? Quote Link to comment Share on other sites More sharing options...
WhiteHatED Posted May 27, 2014 Author Share Posted May 27, 2014 What type of password are you thinking about? Captive portal, e.g. login to hotel wifi with billing to room or WEP/WPA password? I was thinking you could use it to capture WPA passwords. Quote Link to comment Share on other sites More sharing options...
digininja Posted May 27, 2014 Share Posted May 27, 2014 Simple answer then, no. The reasons have been written about many times, search the forums and you'll find them. I think I even did a sticky on why not. Quote Link to comment Share on other sites More sharing options...
WhiteHatED Posted May 27, 2014 Author Share Posted May 27, 2014 Simple answer then, no. The reasons have been written about many times, search the forums and you'll find them. I think I even did a sticky on why not. Okay thank you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.