erock9894 Posted May 6, 2015

Hi, I am relatively new to pen testing; I have some experience with Kali. My question is: will the MITM attack work on the same WPA2-encrypted network as my victim? I am trying to prank my friends and I have their network key. Can I run the MITM through that SSID, or will I need to create a duplicate unsecured SSID? I know the MITM attack works on Kali when connected to the same network, just not sure if it is the same here. Thanks for all your help.

digip Posted May 6, 2015

If on their router and using their network with ARP spoofing to MITM, then they connect through you. Or, depending on how far away they are from their router, if you are in your friend's home and use something like a Pineapple, you have the potential to impersonate the actual AP and, in turn, negate WPA2 so long as they connect through you. All you would need then is to sniff on your local gateway impersonating their AP. Regardless of how you get them to flow through you, in order to see their traffic you will need to be on the same network, though. Whether using theirs or creating your own fake AP, you would need a way to drive them through your path of flow on the network.

Edited May 6, 2015 by digip

cooper Posted May 6, 2015

The quickest way, since you have access to the AP, is to go into the management console, change the SSID and put your own AP up with the original SSID but the same password.

Edited May 6, 2015 by Cooper