Oooh. Nice thinking.

Yes and yes.

Yes – The SSID would be connected to (assuming a stronger connection than the other with the same name), as the base station's MAC in large environments actually does change. The technology has to allow for this ‘device pass over’; think walking around in malls, or two different Starbucks. This is typically called an ‘evil twin’ attack.

Yes – The password is sent, but not the way you imagine. It’s never sent in clear text over the air (because then we would just sniff it, right?). It’s sent in a secure exchange, which means you need to gather many of these ‘password exchanges’ and then crack these ‘hashes’ using brute force. We use a deauth attack (a packet that tells the base and host to reauth) to increase the capture of these exchanges. In WEP and WPA1 this has become almost trivial, and that’s why we use WPA2 these days. These are the methods for exchanging these passwords.

Great questions. Great thinking.