Jump to content

Updated wifi devices may not fall for pineap/mana/etc.


PoSHMagiC0de

Recommended Posts

So, I was playing with scapy with working on cloaking beacons and forging my own probe requests and responses when I noticed something from my Pixel that was updated to Pi 9.1 and other devices in the area.  A bunch of devices were not probing for individual aps but instead doing wildcard probes.  I can see this impeding attacks that spoof responses for open access points that are probed to induce a connection.  Just an fyi.  Take a look in wireshark while monitoring wifi to see for yourself.  Filter by probe requests...or use scapy to find type 0 and subtype 4.

Link to comment
Share on other sites

I have notice this a few years ago when I made a pi mana mobile box. ( not the frame in wire shark but the lack of connectivity )

 

during the testing around my house I notice the samsung s5 and other Old android devices would connect but anything newer didn't.

 

I drove around expecting hundreds of connections but not the case.

 

People replace phones rather quickly these days and automatic updates are becoming more frequent.

Link to comment
Share on other sites

3 hours ago, PoSHMagiC0de said:

A bunch of devices were not probing for individual aps but instead doing wildcard probes

Could it be the open network detection? or maybe google location services using wifi maybe?

On my last update (only 8.1) i noticed a wifi rating provider option, i can only select google as a provider - after looking it up it seems it rates wifi networks for speed informing users before connection. that could also highlight pineapple AP's if they dont have a rating at all. Wonder if that can be spoofed with a mac address/location copy tho.

Interesting times

Link to comment
Share on other sites

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...