Jump to content

Feign the identity of an access point


Ano

Recommended Posts

Hey community,

is it possible that i can take over my nano with the identity of my wifi router (MAC + name)? So the clients are trying to connect with me? I ask because you can also change the MAC address. Is that intended for such actions?

Link to comment
Share on other sites

Hello,

There is partial support for this. You can set the SSID, and yes the MAC address, for the Pineapple, but you can't set an encryption key for anything except the management interface at this time. It is possible to do this from a command shell, but not from the Web GUI. The developers have said this feature is coming in the near future.

One potential problem, however - with 2 "routers" having the same SSID and MAC addresses would confuse clients, as they wouldn't know one from the other. This might not seem to be an issue, except that both would likely be dishing out different DHCP leases. 

It might work, if you turn off your router at the same time as you put up your Pineapple. Just make sure you have some other internet uplink...

Link to comment
Share on other sites

Would it be possible to use the encryption key from a handshake? Even if you don't know the key?
The router shouldn't really know it, but can just say thank you fits?!?...

Link to comment
Share on other sites

Ok, so let me elaborate a bit: The underlying Linux operating system fully supports what you want to do. The fine folks at Hak5 haven’t implemented this yet in their web configuration interface for the Pineapple. The short answer is: you could set that up, but it won’t be easy for a beginner. You would have to go to a command prompt (ie. Ssh terminal), and turn off the web server, and probably other things too. Then you would need to configure things by hand. No point and click here. In the future, the developers of the Pineapple plan to add support for setting-up password protected access points. For now, it isn’t officially supported, and you’ll be on your own for that.

Also, regarding impersonating an existing router, you would have to either physically turn off the existing router, or somehow exploit & crash it. I’ve said it before elsewhere, and I’ll say it again here: if it’s not your network, and you don’t have permission to be messing with it, and you start messing with it, you’re liable to get a one-way trip to federal prison!

Do yourself a big favor: set yourself up with a test network, and play around with that!

Link to comment
Share on other sites

  • 2 weeks later...

Many thanks for your response. I am looking forward to the new features. Yes, I am an ethical hacker and only use the techniques to increase my security and then pass it on to customers. I want to sensitize people to be more aware of their technology.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...