In a WiFi Pentest I have tried word list attack, WPS attack, Pixie Dust attack on my client WiFi Access point and it seems to be secure and protected from those attacks.
I want to make sure it cant be broken in to are there other techniques I can use as well?
Another approach more sneaky attack is doing a WiFi Phishing attempt.
In that case you choose an remote access point. The Penetrator knock it offline and clone its MAC address to make a new Access Point with the same name as a target while the target is being knocked offline.
When it looks as the target access point and being online pretending to be it. Legitimate users will connect to it.
When they are connected it will then try to trick them to reveal the WiFi password by pretending to be a new firmware update that must be installed.
This technique rely on the vulnerability in the human instead of the access point.
It can produce high success rate by fooling the humans to reveal their real passwords easily and fast.
The only downside is the attacker must be in the area waiting for users to connect and must be in the close by area to produce a good enough signal for users to connect to the spoofed clone access point.
Where in a normal traditional WiFi connection handshake attack the attacker can just sniff a handshake and go to another location and run large word list cracking on it.
Please sign in to leave a comment.