Forum

  • Hello all,

    I understan how the attact can happen, but I want to see it (on my oun network!!!) I have commi-view for wi-fi. I was going to use it as a packet genrator. I will set up a VPN with no layer2 protection. I want to use commi-view to bump off the client. Then watch for the client to give up the passwords for the vpn.

    Thanks,
    Phil

  • If you are setting up a VPN with no protection/encryption, you can use Commview to sniff the traffic and decode without doing a man in the middle attack.

    If you want to do a man in the middle attack.

    1. Hacker would use application like Commview to analyze to determine the SSID, channel, etc... from the orginal AP you are hacking.

    2. Once you have all that info, you need to config a AP (usually LINUX machine)with the same info you retrieved from step one.

    3. Your AP has to have a stronger signal so the end user (client PC) will associated with your AP unstead.

    4. Now the unsuspected user is connected to your AP, but it will seem strange because he will not be able to access the network. So you need to use a program like dsniff,ettercap,etc. to do a arp spoof so you can bridge to the original AP.

    here is a link to ARP spoofing tools:
    http://www.sans.org/rr/whitepapers/threats/474.php

    for setting up your pc to act as AP. Airsnarf is a simple script for setting up a rogue AP via Linux. Includes a miniature DNS resolver that resolves all websites to the attacker's IP--allows for hosting fake Hotmail & PayPal websites on demand when combined with Apache's virtual hosting to snarf all sorts of website logins from hotspots or even corporate WLANs.

Page 1 of 1
  • 1