27-06-2017, 13:46
#53
Sad Doig Fan!
Join Date: Aug 2007
Location: Barry South Wales
Age: 68
Services: With VM for BB 250Mb service. (Deal)
Posts: 11,660
Re: Virgin Media urges password change over hacking risk
Quote:
Originally Posted by Qtx
You can't be a man in the middle as such when it comes to getting the Wi-Fi password. It is done by passively sniffing what is sent between the client and router, because it is sent out for anyone to read, rather than someone being in the middle of the client and router.
Maybe injecting some packets pretending to be the client de-authenticating, to force it to send the encrypted password more times so you have more data to use for cracking, is used, but that's not MITM either.
Once you are in you can use a device on the network to MITM via ARP poisoning locally, or maybe setting a router's DNS to one under your own control, so you can force every website to go through your own rogue server by replying to every DNS request with the rogue server IP, which in turn does the listening before forwarding traffic.
Seriously???
I won't post the source for obvious reasons.
Quote:
Pwnstar9 for WPA Phishing and Open Hotspots for community testing.
Features
1. Complete control of most aspects of the Rogue AP process, such as MAC spoofing, channels, AP names of various components, 2nd Wi-Fi device options and all aspects of internet connection when accessed through a captive portal.
2. Passive and Active DoS processes all run from only one (1) Wi-Fi device supporting packet injection. Passive DDoS allows Rogue AP clones running parallel with the Rogue AP and still supporting active DDoS when required.
3. 17 web page folders supporting DNS spoof and captive portals for both open websites, WPA Phishing AND WPA Enterprise.
4. MITMf and sslslip, sslslip+ and sslstrip are set up through menu options as required by the user.
5. WPA Downgrade added to active DDoS choices available.
6. HTTPS trap to avoid warning to phish.
7. Options for use of two (2) Wi-Fi devices.
You can download the zip which contains a lengthy help file.
and
Quote:
HandShaker uses the aircrack-ng set of tools to automatically detect, deauth, capture and crack WPA/2 EAPOL handshakes:
and
Quote:
-Assisted handshake capturing
-WPA/WPA2 decrypting
-DoS
-WPS own PIN database, bruteforce & dict attacks, Pixie Dust (all with reaver and bully)
-Evil Twin attacks on 5 different modes (captive portal, sniffing with sslstrip, sslstrip2+BeEF using bettercap, etc.)
-Auto-updating (can be disabled)
-etc.
Finally
https://en.wikipedia.org/wiki/Evil_t...less_networks)
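Qtx's description of a rogue resolver that answers every DNS request with its own address points to a simple check a network owner can run over a router's or resolver's query log: one answer IP standing in for many unrelated sites. The script below is an added example written for this thread, not code from the post or from any tool named in it; the log format, client addresses and names are constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample router/resolver log, "<client> <name> <type> <answer>" per line. Not real traffic.
SAMPLE_LOG = """\
192.168.0.10 bank.example A 203.0.113.5
192.168.0.10 mail.example A 203.0.113.5
192.168.0.11 shop.example A 203.0.113.5
192.168.0.12 news.example A 203.0.113.5
192.168.0.10 static.cdn.example A 198.51.100.7
192.168.0.11 img.cdn.example A 198.51.100.7
192.168.0.12 cdn.example AAAA 2001:db8::7
malformed line that should be skipped
"""

def registrable_name(qname):
    """Collapse hosts under one zone (static.cdn.example -> cdn.example), so a
    legitimate CDN serving its own subdomains from one address is not flagged."""
    return ".".join(qname.lower().rstrip(".").split(".")[-2:])

def parse_log(text):
    """Return (client, zone, answer_ip) tuples for well-formed A/AAAA answers."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] not in ("A", "AAAA"):
            continue
        client, qname, _, answer = parts
        try:
            ip_address(answer)  # drop lines whose answer is not an IP literal
        except ValueError:
            continue
        records.append((client, registrable_name(qname), answer))
    return records

def suspicious_answers(records, min_zones=3):
    """Return {answer_ip: sorted zones} for addresses returned for at least
    min_zones unrelated zones. One address standing in for many unrelated
    sites is the signature of a resolver redirecting everything to one host."""
    zones_by_ip = defaultdict(set)
    for _, zone, answer in records:
        zones_by_ip[answer].add(zone)
    return {ip: sorted(z) for ip, z in zones_by_ip.items() if len(z) >= min_zones}

if __name__ == "__main__":
    for ip, zones in suspicious_answers(parse_log(SAMPLE_LOG)).items():
        print(f"{ip} answered for {len(zones)} unrelated zones: {', '.join(zones)}")
```

Tune min_zones to the network; shared hosting and anycast front ends legitimately answer for several zones, so treat a hit as a prompt to compare the router's configured DNS servers against what the ISP or a trusted resolver returns, not as proof on its own.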