Street Posted November 5, 2022 Share Posted November 5, 2022 I've had the Mark VII for a long time now, and broke it out again to try the new updates. I really like the PineAP features, but need to know how to use them with WiFi APs that require passwords. I am able to capture handshakes fine so that's not a problem, but also would like to use PineAPs rouge access point at public hotspots that give away their passwords already. DeAuth & Evil Portal work fine. However I have found that for some APs the DeAuth & HandShake Capture don't let you click because they are colored in red. Apparently there is protection now for some servers! Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 5, 2022 Share Posted November 5, 2022 I need to break this down in order to make it clear if there are multiple questions/scenarios or just one. 5 hours ago, Street said: I really like the PineAP features, but need to know how to use them with WiFi APs that require passwords Explain this more in detail, what do you want to accomplish? 5 hours ago, Street said: I am able to capture handshakes fine so that's not a problem, but also would like to use PineAPs rouge access point at public hotspots that give away their passwords already. The same thing here; how would you like to use PineAP in a scenario that involves public hotspots with passwords that is known in some way? 5 hours ago, Street said: However I have found that for some APs the DeAuth & HandShake Capture don't let you click because they are colored in red. Apparently there is protection now for some servers! What kind of servers and how are they related to APs and the ability to deauth and capture handshakes? Link to comment Share on other sites More sharing options...
Street Posted November 5, 2022 Author Share Posted November 5, 2022 I am duplicating an SSID which has a password I already know, and then DeAuthing the real SSID. This should cause the client to connect to the WiFi Pineapple. The only problem is PineAP doesn't have the option to create a password for my APs duplicate SSID. This means I can only do it to WiFi Hotspot that don't use passwords. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 5, 2022 Share Posted November 5, 2022 What about Evil WPA, tried it? Link to comment Share on other sites More sharing options...
DramaKing Posted November 5, 2022 Share Posted November 5, 2022 WPA3 and some other WiFi 6 AP 17 hours ago, Street said: However I have found that for some APs the DeAuth & HandShake Capture don't let you click because they are colored in red. Apparently there is protection now for some servers! WPA3 and some other WiFi 6 APs have PMF. The management frames are encrypted, and you can't spoof those. You also can't capture handshakes if SAE is the authentication method. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 5, 2022 Share Posted November 5, 2022 802.11w has been around since 2009 so it doesn't strictly require WPA3 to be implemented. Link to comment Share on other sites More sharing options...
Street Posted November 7, 2022 Author Share Posted November 7, 2022 Evil WPA works independently of the new PineAP, so I don't think that will help. If anyone does know how let me know. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 7, 2022 Share Posted November 7, 2022 What do you mean when indicating that Evil WPA works independently of PineAP? It's listed as one of the PineAP features. Link to comment Share on other sites More sharing options...
powercrypt Posted November 10, 2022 Share Posted November 10, 2022 I mean the Evil Portal Module works independently of spoofing APs SSIDs. Link to comment Share on other sites More sharing options...
dark_pyrro Posted November 10, 2022 Share Posted November 10, 2022 9 hours ago, powercrypt said: I mean the Evil Portal Module works independently of spoofing APs SSIDs. Take note, I'm not talking about Evil Portal (the module). Evil WPA has the ability to impersonate a passphrase protected network. It spoofs the ESSID it's supposed to impersonate. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.