Jump to content

How to inject hex frames and why?


Recommended Posts

  • 3 weeks later...
15 hours ago, Spoonish said:

thanks for that, good info. I'm also wondering how much of the krackattack could be achieved with this as isnt the first stages of that based heavily on replaying message 3 of the 4way to get a nonce reset?

To add to the list: -

This looks interesting against open networks. https://github.com/rpp0/aggr-inject/raw/master/presentation/wisec2015.pdf

Maybe this could also be used for EAP/RADIUS? https://pdfs.semanticscholar.org/c018/62ea3f9cc0b9ed081ce67831410f14c5d62d.pdf

Link to comment
Share on other sites

This module does lack some documentation. Paste in raw hex for a frame and it will be transmitted wirelessly. Though there is currently no easy way to craft frames using the pineapple (maybe one day soon), for now you can generate frames yourself or copy them from wireshark. A fun trick that is now possible is to copy a frame from wireshark (right click -> copy -> ...as a Hex Stream) then paste it into the module. Just make sure to remove the radiotap header if it's present (the module should warn you if you don't).  Happy hacking!


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...