Jump to content

Protecting the rogue AP with a passphrase?


zSec

Recommended Posts

Hi everyone,

I have a short question regarding the WiFi Pineapple Tetra.
I was wondering, if it is possible to set up a rogue AP which is protected (WPA2-PSK) and not open.
Soon I will have an engagement where just a few people will get the PSK for a new WiFi and I don't want that everyone else in the company also can access the rogue AP.

Inside the PineAP configuration I only saw a way to hide or unhide the network, but not to protect it with a passphrase.

Therefore my question, is it possible to protect my rogue AP?


I'm fairly new to this product and haven't seen such a question yet, I hope someone can help me with that.

 

Thanks in advance.

 

Link to comment
Share on other sites

The best way to protect the rogue AP is using the Filters tab. With proper recon, you should be able to identify the MACs or SSIDs of the target devices and add them to the filter. With the filters set to "allow" mode, only devices with a MAC address or SSID in one of the pools will be able to connect. If you are looking to minimize collateral damage then filters are a good choice.

One of the benefits of a rogue AP attack is that you don't necessarily have to be inside of the building for it to be successful. If the employees have directly received instructions to connect to the rogue access point then that means a) the hacker has physical access to the building or b) has social-engineered someone into providing the credentials to employees. In either case, the hacker is already far beyond rogue access points in terms of potential harm to the company.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...