Ruck Posted February 18, 2016 Share Posted February 18, 2016 As mentioned in my (first) other topic I am quite new in using the NANO, using Linux and other pentesting tooling/stuff. Currently my manager has also asked me (since I told I bought the fruit) to give a demonstration on our next customer meeting (a meeting for financial controllers of our clients) regarding Cybersecurity. I am limited to a timebox presentation of 15 minutes, but can setup the wifi nano about 90 minutes in advance during other presentations and the walk in. I am not allowed from a legal perspective to break, steal or entering mobile devices, so I am thinking what would be a great demonstration for this purpose to create awareness, but without crossing privacy and legal. 1) I was thinking to set up an unprotected/free AP with the similar name of the locations AP or with the name of the Event and see who will log on to it. 2) same as 1, but with WPA2 key, provided at entrance of the meeting 3) Only recon scanning and log probes to see where attendees have been (so profiling the attendees in general) 3a) In this case is there a method to spot probes for open SSID's of devices, without having them connecting to the PineAP? So far I haven't found this yet. This would indicate devices vulnerable for the PineAP daemon right? WPA/2 protected SSID are not vulnerable to this, since the probe is with authentication, so the SSID Pool will only send the rogue SSID, but the device will not connect to it? 4) For option 1 and 2, what are nice tools/scans to perform on connected AP's to find information on the attendees which can be shared publicly... I know these are a lot of questions to ask for a newbie, but if you don't ask.... Any advice on where to start/learn are welcome.... Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.