andylarks

Clients prefer "real" access point


Setup:

  1. Pick known client (my mobile) connected to known AP (my WiFi router).
  2. Add known client to client filter "Allow mode" for Mac.
  3. In PineAP:
    1. Allow associations
    2. Log probes
    3. Log associations
    4. Broadcast SSID pool (which contains known AP name)
    5. Set both Broadcasts to "Aggressive"
  4. Save

I then go back to Recon view, and Deauth the known client. I can see my mobile disconnecting from the WiFi - but it then reconnects to the original WiFi, not the Pineapple version (both are listed as options).

Am I doing something wrong?

Thanks

A.

Just now, andylarks said:

Setup:

  1. Pick known client (my mobile) connected to known AP (my WiFi router).
  2. Add known client to client filter "Allow mode" for Mac.
  3. In PineAP:
    1. Allow associations
    2. Log probes
    3. Log associations
    4. Broadcast SSID pool (which contains known AP name)
    5. Set both Broadcasts to "Aggressive"
  4. Save

I then go back to Recon view, and Deauth the known client. I can see my mobile disconnecting from the WiFi - but it then reconnects to the original WiFi, not the Pineapple version (both are listed as options).

Am I doing something wrong?

Thanks

A.

Your real AP, is it an open AP or a WPA/WPA2-protected AP?

15 minutes ago, andylarks said:

Am I doing something wrong?

Depends on what you want to do; if you were capturing handshakes, that would be enough. You could also try a longer Deauth to pester the user of the phone (you) to manually try one of your open networks. As it's your known AP, you could also try to EvilTwin your AP, mirroring the settings (including password), and position yourself/pineapple between the AP and device to improve chances.

If you want to get your phone to associate automatically with the pineapple, you would do better to go out to the middle of a field, for example (or delete your AP from its known networks for the test), where your phone would be looking for networks but was not in range of any known APs. Ideally your phone had at least one open network in its saved networks, say you used Starbucks free wifi in the past. Then your phone would most likely associate to the pineapple with the settings you mention above.

Just now, andylarks said:

Ah, sorry, should have included that - real AP is WPA2

OK, so you will need to create a spoof AP with the same SSID and security settings, i.e. WPA2 and the same password.


Ah! Ok

Thanks for getting back to me so quickly.

...I wrote this reply almost immediately after you replied - but forgot to submit!

Thanks again

A.
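Seen from the defending side, the situation in this thread (one SSID listed twice, once by the real router and once by a clone) shows up in any scan. The following is an added example, not part of the original thread: it flags SSIDs advertised with more than one security type, or from a BSSID outside an inventory, which is the only signal left when the clone mirrors the real settings. The scan rows, the inventory and the function name are constructed for illustration.

```python
from collections import defaultdict

# Constructed scan results for illustration: (ssid, bssid, security).
SAMPLE_SCAN = [
    ("HomeNet", "aa:bb:cc:00:00:01", "WPA2"),
    ("HomeNet", "02:de:ad:00:00:02", "OPEN"),   # open clone of a WPA2 SSID
    ("Office", "aa:bb:cc:00:00:20", "WPA2"),
    ("Office", "02:de:ad:00:00:03", "WPA2"),    # mirrored settings, new radio
    ("CoffeeShop", "aa:bb:cc:00:00:30", "OPEN"),
]

# Hypothetical inventory of the BSSIDs the defender actually operates.
KNOWN_BSSIDS = {
    "HomeNet": {"aa:bb:cc:00:00:01"},
    "Office": {"aa:bb:cc:00:00:20"},
}


def find_suspect_ssids(scan, known_bssids):
    """Return {ssid: sorted findings} for SSIDs that look cloned."""
    security_by_ssid = defaultdict(set)
    bssids_by_ssid = defaultdict(set)
    for ssid, bssid, security in scan:
        security_by_ssid[ssid].add(security.upper())
        bssids_by_ssid[ssid].add(bssid.lower())

    findings = defaultdict(list)
    for ssid, seen in bssids_by_ssid.items():
        # Same name offered both open and protected: one of them is not yours.
        if len(security_by_ssid[ssid]) > 1:
            kinds = "/".join(sorted(security_by_ssid[ssid]))
            findings[ssid].append("mixed-security:" + kinds)
        # Matching settings still come from a radio missing from the inventory.
        if ssid in known_bssids:
            for bssid in sorted(seen - known_bssids[ssid]):
                findings[ssid].append("unknown-bssid:" + bssid)
    return {ssid: sorted(items) for ssid, items in findings.items()}


if __name__ == "__main__":
    for ssid, items in find_suspect_ssids(SAMPLE_SCAN, KNOWN_BSSIDS).items():
        print(ssid, items)
```

SSIDs without an inventory entry, such as the public open network in the sample, are only checked for mixed security, so the BSSID check is as good as the inventory behind it.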

 
