Jump to content

Updated wifi devices may not fall for pineap/mana/etc.


PoSHMagiC0de
 Share

Recommended Posts

So, I was playing with scapy with working on cloaking beacons and forging my own probe requests and responses when I noticed something from my Pixel that was updated to Pi 9.1 and other devices in the area.  A bunch of devices were not probing for individual aps but instead doing wildcard probes.  I can see this impeding attacks that spoof responses for open access points that are probed to induce a connection.  Just an fyi.  Take a look in wireshark while monitoring wifi to see for yourself.  Filter by probe requests...or use scapy to find type 0 and subtype 4.

  • Like 1
Link to comment
Share on other sites

I have notice this a few years ago when I made a pi mana mobile box. ( not the frame in wire shark but the lack of connectivity )

 

during the testing around my house I notice the samsung s5 and other Old android devices would connect but anything newer didn't.

 

I drove around expecting hundreds of connections but not the case.

 

People replace phones rather quickly these days and automatic updates are becoming more frequent.

Link to comment
Share on other sites

3 hours ago, PoSHMagiC0de said:

A bunch of devices were not probing for individual aps but instead doing wildcard probes

Could it be the open network detection? or maybe google location services using wifi maybe?

On my last update (only 8.1) i noticed a wifi rating provider option, i can only select google as a provider - after looking it up it seems it rates wifi networks for speed informing users before connection. that could also highlight pineapple AP's if they dont have a rating at all. Wonder if that can be spoofed with a mac address/location copy tho.

Interesting times

Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...