can the Nano be used to hack VPNs?

[Gh0stRunner]

can the Pineapple Nano be used to crack a VPN connection? say you are in the parking lot at Starbucks and a user inside is connecting via VPN to his corporate networks. Since you capture the user's credentials before they connect to the VPN server (as they connect to Starbucks's hotspot) would that ultimately allow you as the Pineapple user to also gain access to the VPN server and thus the corporate network?

what about someone doing online banking via VPN at a Starbucks? Is there a payload that can essentially allow you to capture VPN encapsulations and decipher them to access credentials? Just curios ?

[m40295]

Simple answer no

[Dice]

2 hours ago, m40295 said:

Simple answer no

A longer answer : no, because

The connection for a VPN (userid / password / token) is totally encrypted and therefore not accessible for you to see/snoop or capture; all you see is a datastream.

 

In theory : if you can set up a reverse shell from the targets computer to your computer and he connects to another source you could access that ... if the connecton is available.

 

 

 

[Gh0stRunner]

On 10/25/2018 at 6:05 AM, Dice said:

A longer answer : no, because

The connection for a VPN (userid / password / token) is totally encrypted and therefore not accessible for you to see/snoop or capture; all you see is a datastream.

 

In theory : if you can set up a reverse shell from the targets computer to your computer and he connects to another source you could access that ... if the connecton is available.

 

 

 

for the reverse shell you got the Bash Bunny to the rescue if you can insert it into the user's machine so this would make for a killer combo with the Pineapple and Bunny

[Dice]

On 10/28/2018 at 3:53 AM, LivingL393nd said:

for the reverse shell you got the Bash Bunny to the rescue if you can insert it into the user's machine so this would make for a killer combo with the Pineapple and Bunny

However true, that was not your question.