
Using WiFi Pineapple to get WPA2 Passwords



Alright, so I'm kind of a noob to this, so bear with me.

I recently bought a WiFi Pineapple and noticed that, when you host a fake AP with the same SSID as a nearby access point, your access point sometimes overrides it. Now I was thinking that if you hosted a fake access point with WPA2 encryption and the same SSID as an access point in the area, then clients attempting to connect to the legitimate access point would actually try their password on your fake one. This would obviously not let them into the WiFi, but if you could somehow view a log of tried passwords on your access point, then you might find their password, leaving them just thinking that they put their password in wrong.

Not sure if this is the right place to raise this topic, but I was hoping someone could disprove this idea or help me figure out how to make it happen. Thanks.


There's a 4-way handshake when a client connects whereby both the client and the server send each other a hash of the password. The goal is to make both of them not transmit the password in the clear, yet prove to each other that they know what the correct password is.

In short: That specific scenario has been taken into account when they designed WPA2 and thus it won't work.
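An added illustration of the handshake described in the reply above (not part of either post): in message 2 the client sends its nonce and a MIC keyed from the passphrase, and an access point holding a different passphrase learns only that the MIC does not verify. The SSID, MAC addresses, nonces and passphrases are constructed sample values, the EAPOL-Key frame is a simplified stand-in byte string, and the function names are hypothetical.

```python
import hashlib
import hmac

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def derive_kck(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """First 16 bytes of the PTK (the key confirmation key), via the 802.11 PRF."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = b""
    for i in range(3):  # 3 x 20-byte HMAC-SHA1 blocks cover the 48-byte CCMP PTK
        ptk += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return ptk[:16]

def mic_for(kck: bytes, frame: bytes) -> bytes:
    """MIC over the EAPOL-Key frame: HMAC-SHA1 truncated to 16 bytes."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def client_message2(passphrase, ssid, aa, spa, anonce, snonce):
    """What the client puts on the air in message 2: frame (with SNonce) + MIC."""
    kck = derive_kck(derive_pmk(passphrase, ssid), aa, spa, anonce, snonce)
    frame = b"constructed EAPOL-Key msg 2|" + snonce  # simplified stand-in frame
    return frame, mic_for(kck, frame)

def ap_accepts(ap_passphrase, ssid, aa, spa, anonce, frame, mic) -> bool:
    """AP side: recompute the MIC from its own passphrase and compare."""
    snonce = frame[-32:]
    kck = derive_kck(derive_pmk(ap_passphrase, ssid), aa, spa, anonce, snonce)
    return hmac.compare_digest(mic, mic_for(kck, frame))

# Constructed sample values (not from any real network)
SSID = "ExampleNet"
AA, SPA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))
CLIENT_PSK = "correct horse battery"

FRAME, MIC = client_message2(CLIENT_PSK, SSID, AA, SPA, ANONCE, SNONCE)

if __name__ == "__main__":
    print("passphrase on the wire:", CLIENT_PSK.encode() in FRAME + MIC)
    print("AP with same passphrase accepts:",
          ap_accepts(CLIENT_PSK, SSID, AA, SPA, ANONCE, FRAME, MIC))
    print("AP with other passphrase accepts:",
          ap_accepts("some other phrase", SSID, AA, SPA, ANONCE, FRAME, MIC))
```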
