Rogue AP and Hacking and Android Device to Read files.

[FurqanHanif]

i Have a Question (it's a Bit Stupid But i thhought maybe you will help me to clear my Mind) , Let's say i created an Unencrypted Fake AP , and an Client connected to it , you said that we can control the client even we can inject data to , so is this possible that i create an Payload,Virus or something else and then inject or send to connected client and now i activate that virus and it sends me (via mail or i can access it in realtime) the file in which all the wifi passwords are stored , so is this possible ?? can it be implemented in the real world?? if no then why ??

Thanks in Advance.

[reap-]

TLS..... wins.....

get the mortal kombat ref?

honestly if you are wanting to injection a payload into already existing traffic you would have to hope the user was not using any encrypted web services and would be downloading something for you to inject into in the first place.   you would have better luck stealing the actual phone and running it through some forensic crap to steal the passwords.

Doesn't it sound a little too simple the way you describe it?  Thats why things dont work that way or else everyone and their momma would be doin it.

[FurqanHanif]

But on some other post , it says that it's Possible. (Same question is askd by some other person). 
See the last Comments in the Post..
http://null-byte.wonderhowto.com/how-to/hack-wi-fi-creating-evil-twin-wireless-access-point-eavesdrop-data-0147919/

[proxx]

You should take a look at evilgrade.
Apart from that , yes its possible to inject say bad javascript into a datastream.
BURP might be able to help.

[FurqanHanif]

Hmm Ri8 , i 'll Check.