EvilZone

EvilTwin AP Question
aes256, August 13, 2015, 11:06:43 AM
I'm in the process of setting up an EvilTwin connection. I'm doing this to capture the WPA/WPA2 password, because WPS is disabled, and bruteforcing it with a dictionary attack would take too long and most likely fail.

So my question is, the network I'm attempting to break into has some really strange router; it's not like Verizon or anything where I can just download the HTML file off somewhere else. But this is some odd router, and I have no idea what theme it is, and I can't social engineer these people if the theme is completely wrong or just some plain odd one (they aren't that ignorant to infosec).

I was thinking about just social engineering them by deauthing them when using WPA encryption and say try to downgrade to WEP, but I wanted to do something more sophisticated and creative. And I don't even work there, so why would they listen to me??

I think I might just be ignorant and have no idea what I'm talking about, and there is probably an easy fix for this. But, I'd appreciate any help. Thanks. (I'm kind of new to this).

Re: EvilTwin AP Question
Avengers, August 17, 2015, 12:02:01 AM
Do you know anything about the router? Brand name, model number, etc.? Then at least if you don't have a logo you could design one or just use the brand and model or whatnot.

Re: EvilTwin AP Question
proxx, August 17, 2015, 06:05:39 AM
> I'm in the process of setting up an EvilTwin connection. I'm doing this to capture the WPA/WPA2 password, because WPS is disabled, and bruteforcing it with a dictionary attack would take too long and most likely fail.
>
> So my question is, the network I'm attempting to break into has some really strange router; it's not like Verizon or anything where I can just download the HTML file off somewhere else. But this is some odd router, and I have no idea what theme it is, and I can't social engineer these people if the theme is completely wrong or just some plain odd one (they aren't that ignorant to infosec).
>
> I was thinking about just social engineering them by deauthing them when using WPA encryption and say try to downgrade to WEP, but I wanted to do something more sophisticated and creative. And I don't even work there, so why would they listen to me??
>
> I think I might just be ignorant and have no idea what I'm talking about, and there is probably an easy fix for this. But, I'd appreciate any help. Thanks. (I'm kind of new to this).

Are you always this jumpy?
Anyway, you can find the vendor based on the MAC addr of the radio; this should get you started.
http://www.macvendorlookup.com/