RandTheRand Posted August 27, 2016

Hi, tried searching for an answer and wasn't able to find what I was looking for. Hopefully someone here can help to see if it's theoretically possible.

The idea: Have a victim connect to a fake AP set up as one they want to connect to, and replay the handshake back and forth with the real AP until it authenticates the computer with the fake AP. Basically capture and replay both responses to each other to get the appropriate response for the 4-way handshake.

1. VICTIM PC ---**----> AP
2. VICTIM PC <---**---- AP
3. VICTIM PC ---**----> AP
4. VICTIM PC <---**---- AP

Where ** is the researcher's computer acting as the REAL AP to the victim, and a real client to the real AP.

Hope it isn't too much of a bad question! Appreciate any input.
digip Posted August 28, 2016 (edited)

The 4-way handshake is an exchange that, on WPA-enabled APs, will require both parties to know the keys. You can fake packets to enable the AP to go open, but you won't get a legit 4-way, because this requires both the client and server to respond with the right sequence. Look into wifite and pixiedust, and you will see ways to work around this for offline cracking with WPS in combo to help quickly brute WPA access. http://resources.infosecinstitute.com/wifite-walkthrough-part-1/

Edited August 28, 2016 by digip
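To make the point in the two posts above concrete, here is an added example (not code from either poster) that models the relay idea from the first post against the key derivation digip refers to. It implements the WPA2-Personal key schedule as specified in 802.11i: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID), PTK = PRF-512(PMK, "Pairwise key expansion", both MAC addresses and both nonces), and the message 2 MIC = HMAC-SHA1(KCK, frame)[:16] for key descriptor version 2. The SSID, passphrase, MAC addresses and nonces are constructed sample values, and the EAPOL-Key frame layout is a minimal constructed message 2 with no key data, so this is a model of the exchange, not a capture parser. The relay never learns the PMK; all it can change is which addresses each side derives its PTK with.

```python
import hashlib
import hmac
import struct

# Constructed sample parameters (not from any real capture).
SSID = "ExampleNet"
PASSPHRASE = "correct horse battery staple"
REAL_AP_MAC = bytes.fromhex("02aa00000001")   # AA: authenticator address
VICTIM_MAC = bytes.fromhex("02bb00000002")    # SPA: supplicant address
ANONCE = bytes(range(32))                     # nonce chosen by the real AP (message 1)
SNONCE = bytes(range(100, 132))               # nonce chosen by the victim (message 2)
MIC_OFFSET = 81                               # MIC field offset inside the EAPOL-Key frame built below


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """802.11i PRF-512: PTK = PRF(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce)).
    Both MAC addresses and both nonces are mixed in, so the PTK is bound to the two peers."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(4):  # 4 x 160 bits covers the 512 bits needed
        out += hmac.new(pmk, b"Pairwise key expansion" + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:64]  # KCK = [0:16], KEK = [16:32], TK = [32:48]


def build_msg2(snonce: bytes) -> bytes:
    """Minimal WPA2 EAPOL-Key message 2 (constructed framing, MIC field zeroed, no key data)."""
    key_info = 0x010A  # descriptor version 2 (HMAC-SHA1 MIC), pairwise key, MIC bit set
    body = (bytes([2]) + struct.pack(">HH", key_info, 16) + bytes(8)  # desc type, key info, key len, replay ctr
            + snonce + bytes(16) + bytes(8) + bytes(8)                # nonce, IV, RSC, ID
            + bytes(16) + struct.pack(">H", 0))                       # MIC (zeroed), key data length
    return bytes([2, 3]) + struct.pack(">H", len(body)) + body        # 802.1X header: version 2, type EAPOL-Key


def eapol_mic(kck: bytes, frame_with_zero_mic: bytes) -> bytes:
    """Key descriptor version 2: MIC = HMAC-SHA1(KCK, frame)[:16]."""
    return hmac.new(kck, frame_with_zero_mic, hashlib.sha1).digest()[:16]


def supplicant_msg2(pmk, sta_mac, ap_mac, anonce, snonce) -> bytes:
    """What the client sends: message 2 carrying SNonce and a MIC under the KCK it derived."""
    kck = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]
    frame = build_msg2(snonce)
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


def authenticator_accepts(pmk, sta_mac, ap_mac, anonce, frame) -> bool:
    """What the AP checks: recompute the PTK from its own view of the addresses and verify the MIC."""
    snonce = frame[17:49]
    kck = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]
    zeroed = frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]
    return hmac.compare_digest(frame[MIC_OFFSET:MIC_OFFSET + 16], eapol_mic(kck, zeroed))


def relay_handshake(fake_ap_mac: bytes, fake_sta_mac: bytes) -> bool:
    """The proposal from the thread: the attacker forwards message 1 (ANonce) from the real AP to the
    victim and the victim's message 2 back to the real AP. Returns whether the real AP accepts message 2.
    The relay never touches the PMK; it only changes which MAC addresses each side sees."""
    pmk = pmk_from_passphrase(PASSPHRASE, SSID)
    msg2 = supplicant_msg2(pmk, VICTIM_MAC, fake_ap_mac, ANONCE, SNONCE)        # victim talks to the fake AP
    return authenticator_accepts(pmk, fake_sta_mac, REAL_AP_MAC, ANONCE, msg2)  # real AP sees the fake client


def crack_passphrase(candidates, ssid, sta_mac, ap_mac, anonce, msg2):
    """What a captured handshake does give you: offline verification of passphrase guesses against the MIC."""
    for guess in candidates:
        if authenticator_accepts(pmk_from_passphrase(guess, ssid), sta_mac, ap_mac, anonce, msg2):
            return guess
    return None


if __name__ == "__main__":
    attacker_ap, attacker_sta = bytes.fromhex("02cc00000003"), bytes.fromhex("02cc00000004")
    print("relay with attacker's own MACs accepted:", relay_handshake(attacker_ap, attacker_sta))
    print("relay cloning both MACs accepted:", relay_handshake(REAL_AP_MAC, VICTIM_MAC))
    pmk = pmk_from_passphrase(PASSPHRASE, SSID)
    captured = supplicant_msg2(pmk, VICTIM_MAC, REAL_AP_MAC, ANONCE, SNONCE)
    print("offline guess:", crack_passphrase(["password", "letmein", PASSPHRASE], SSID,
                                             VICTIM_MAC, REAL_AP_MAC, ANONCE, captured))
```

Two outcomes are worth reading off. When the fake AP and fake client use the attacker's own MAC addresses, the victim and the real AP derive different PTKs (the addresses are inputs to PRF-512), so the MIC on the relayed message 2 fails at the real AP. When the attacker clones both addresses exactly, the MIC verifies and the handshake completes end to end, but the attacker still holds no PTK: it is a transparent relay of frames it cannot decrypt. What the relay (or any monitor-mode capture) does yield is ANonce, SNonce, both addresses and a MIC, which is exactly the material `crack_passphrase` checks guesses against offline, the route digip points to.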