Questions tagged [rogue-ap]

A rogue AP is an unauthorized wireless access point placed on a network to allow access to the network it is attached to.

A rogue AP may be used to attack a network where it would be noticeable to physically connect to the network. It may also refer to an innocently attached wireless access point which is unauthorized.

Rogue APs are a security threat because they allow a physical network to be connected to wirelessly in a manner that is not properly secured. They may be used for gaining access to a physical network so that attacks can be worked on from outside of the building or secure area in which the rogue ap is located.

For questions dealing with wireless access points that are impersonating another access point, the correct tag is .

11 questions
23
votes
2 answers

Rude neighbor with PineAP or something similar

For the past week or so I've been having problems with wifi in my house, and it appears that my neighbor set up a Pineapple or something similar that is running a known beacon attack and/or Karma/Dogma. It is also interfering with devices connecting…
user15741
  • 330
  • 2
  • 6
3
votes
2 answers

Is it foolish to trust a Wi-Fi network just because it uses a specific recognized SSID?

This article in the Avira (part of NortonLifeLock) security blog discusses (vaguely) security risks of public Wi-Fi. The article states: Man in the middle attacks are also a very prominent threat, this is when a hacker sets up a network to lure…
3
votes
1 answer

Can you detect a wifi pineapple or rogue AP with MAC address?

This posting has some good advice for tracking rogue access points: Tracking down a rogue access point The issue I have is that many will not work for a huge deployment. I'd like to build a device to look for them that I can keep on me and walk the…
bashCypher
  • 1,839
  • 11
  • 21
2
votes
2 answers

WPA2 Enterprise: no risks for preconfigured clients when it comes to Rogue APs?

We are using, as default, PEAP and MS-CHAPv2 as inner authentication. I was concerned with security risks when it comes to rogue APs but a colleague told me that there are no risks for preconfigured clients. He told me there are risks only for…
Jade Kush
  • 21
  • 2
2
votes
1 answer

Find rogue access point if area is saturated with networks

What do you do if you scan for rogue Access Points and find that the area is saturated by surrounding businesses with their own wifi? I recently scanned for wifi networks and found 60+ networks just by walking around. I know some of the networks I…
sames
  • 23
  • 2
1
vote
2 answers

Capturing cleartext authentication (EAP-TTLS/PAP) with WPA-2 Enterprise?

I am running an evil twin attack with eaphammer, by default it seems to capture mschapv2 authentication which contains the username and NETNTLM hashes. I have manually created a WiFi connection (on Windows) and manually select not to verify CA and…
Anderson
  • 475
  • 6
  • 12
1
vote
0 answers

Can not create an "evil twin access point" with the same SSID as the original

I am practising pen-testing for a while now and I have a kali Linux 2017.2 physical machine. I tried to create an evil twin access point using tools like fluxion, wifiphisher and wifi-pumpkin. Note that I used an Alpha Card AR9271. When the access…
Penguin
  • 11
  • 2
0
votes
1 answer

Can an attacker perform MiTM attacks on non-web based clients such as Microsoft Outlook using a Rogue Access Point?

I understand an attacker could perform MiTM on Rogue Access Points and capture cleartext traffic between a web client and server. However, is it possible that an attacker could do similar MiTM attacks on thick clients such as Outlook If so, how…
sxmad
  • 115
  • 5
0
votes
1 answer

How and what can attackers use Rogue AP attacks for?

I have some questions about rogue access points. How attackers can get victim's creds over secured HTTPS websites? Can attackers do this kind of attack only by using basic tools + sharing the AP from computer without the need of devices (like wifi…
9ys
  • 36
  • 4
0
votes
0 answers

Man in the middle after evil twin

I've set up an Evil twin access point using the aircrack suite, what i'm missing is how to complete the man in the middle access point side like the picture shown below, I've been suggested ettercap but I'm not familiar with it. The goal is: …
0
votes
0 answers

evil twin like attack

Is it possible to make a fake AP with the same SSID that has a password and when clients try to access it and type a password, the software verifies it with a handshake?