
need help securing my home wifi


19 replies to this topic

#13 scr4wl

scr4wl

    R34CT1V4T3D

  • Members
  • 2916 posts
  • Gender:Male
  • Location:New Mexico

Posted 19 February 2017 - 10:42 PM

hmm I thought without broadcasting your SSID they would need to know it, otherwise they couldn't scan it. Of course you have those sniffing programs, but this will stop the script-kiddies from cracking it since they only know how to push a button.

There are scripts that will allow you to capture packets from all sources within range, regardless of the SSID being hidden or not.

What matters is obtaining a handshake, and if it's not a public network, that can take days. Pray for a power outage.

Edited by tacohunter52, 19 February 2017 - 10:46 PM.

Generic Most Awesome Sig


#14 Braegnok

Braegnok

    Nimrod

  • Folding Member
  • 1190 posts
  • Gender:Male
  • Location:Colorado USA

Posted 20 February 2017 - 04:57 AM

 

hmm I thought without broadcasting your SSID they would need to know it, otherwise they couldn't scan it. Of course you have those sniffing programs, but this will stop the script-kiddies from cracking it since they only know how to push a button.

There are scripts that will allow you to capture packets from all sources within range, regardless of the SSID being hidden or not.

What matters is obtaining a handshake, and if it's not a public network, that can take days. Pray for a power outage.

 

 

The handshake is WPA2-PSK's Achilles' heel. An attacker can use a tool to monitor traffic being transmitted over the air, and launch a deauth attack which forcibly disconnects your device from its Wi-Fi network, and your device immediately reconnects, performing the four-way handshake which the attacker captures. It only takes a few seconds.


Edited by Braegnok, 21 February 2017 - 10:09 AM.

Intel Core i7-7700K

Asus Z270-WS

Nvidia GTX1080Ti SLI

32GB DDR4 2400MHz

SeaSonic SSR-1000PD

Corsair H115i
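
A defender-side view of the deauth burst described in the post above, as an added example that is not part of the original thread: it parses raw 802.11 deauthentication/disassociation frames and flags a BSSID when many arrive within a short window. The frames are constructed samples with the radiotap header assumed already stripped; the threshold, window and function names are illustrative choices.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0xC0, 0xA0  # first frame-control byte: mgmt subtype 12 / 10

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_mgmt(frame):
    """Return (kind, dst, src, bssid, reason) for deauth/disassoc, else None."""
    if len(frame) < 26 or frame[0] not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    kind = "deauth" if frame[0] == DEAUTH else "disassoc"
    return kind, mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_bursts(records, threshold=5, window=1.0):
    """records: (timestamp_seconds, raw_frame) pairs in time order.
    Alert once per BSSID when `threshold` frames fall within `window` seconds."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ts, frame in records:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        bssid = parsed[3]
        times = recent[bssid]
        times.append(ts)
        while ts - times[0] > window:   # drop timestamps outside the window
            times.popleft()
        if len(times) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append((bssid, ts, len(times)))
    return alerts

def sample_frame(fc0, dst, src, bssid, reason=7):
    # Constructed test fixture: frame control, duration, addr1-3, seq ctrl, reason
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (bytes([fc0, 0, 0, 0]) + raw(dst) + raw(src) + raw(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))

AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"  # constructed addresses
SAMPLE = [(10.0, sample_frame(DEAUTH, STA, AP, AP, 3))]          # one ordinary leave
SAMPLE += [(60.0 + i * 0.1, sample_frame(DEAUTH, STA, AP, AP)) for i in range(8)]
SAMPLE.append((61.0, sample_frame(0x80, "ff:ff:ff:ff:ff:ff", AP, AP)))  # beacon, ignored

if __name__ == "__main__":
    for bssid, ts, count in detect_bursts(SAMPLE):
        print(f"possible deauth flood on {bssid}: {count} frames by t={ts:.1f}s")
```

A single deauthentication frame is normal when a client leaves; a burst against one BSSID is the pattern to alert on. Where the router and clients support Protected Management Frames (802.11w), enabling it causes forged deauthentication frames to be rejected.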

 


#15 scr4wl


Posted 20 February 2017 - 07:24 AM

and after capturing an allowed device's IP from inside the attacker simply clones his IP and quickly becomes an allowed device.


This is the part I'm having trouble believing. Is there any truth to this? I know you are right about deauth requests, but that's provided you are in range and have a powerful enough wifi adapter.

I'm pretty sure once you get a handshake, you essentially have to brute force it.

I've heard of IP spoofing, but as a way to get people to connect to a fake access point. Or to change IP/MAC to one that is allowed. (In the case of MAC filtering or a limited IP range)

Can you really just change your IP and bypass authentication? That just sounds very far-fetched.

I tried a search, but didn't see anything giving proof to this claim.



#16 Braegnok


Posted 20 February 2017 - 08:37 AM

Not sure if I'm comfortable posting full instructions. It's a bit more complicated than that: after the deauth attack you launch a layer-2 attack (rogue AP) that takes advantage of the fact that devices are often set to automatically send an encrypted handshake packet containing the passphrase to any wifi network that claims to be a "remembered" wifi network. Of course, the names of these "remembered" networks are broadcast, and this tricks the network into sending the encrypted passphrase to your random access point. OK, now you have the handshake, encrypted passphrase, remembered network access, and allowed IP/MAC address from an inside device. That's all you need to get in and launch a layer-7 attack on application and network resources for control of the router.


Edited by Braegnok, 20 February 2017 - 11:06 AM.


 


#17 scr4wl


Posted 20 February 2017 - 09:54 AM

I think I see what you are getting at.



#18 Braegnok


Posted 20 February 2017 - 11:52 AM

While the hacker is "on your wireless network", you can quickly determine the hacker's exact location with this free app. ;)   http://www.dopsys.co... Interface.html


Edited by Braegnok, 23 February 2017 - 05:39 AM.


 


#19 dr_bowtie

dr_bowtie

    Chronic Haggler...

  • Moderator
  • 18255 posts
  • Gender:Male
  • Location:Indiana....

Posted 21 February 2017 - 04:09 AM

You don't need any special tools to crack any wifi in Windows.... Windows will do it for you via command prompt... YouTube it.

Best way to set up wifi is where someone actually needs to log into the wifi and it needs to be verified and accepted before they can receive connection. They need software like that but with all major companies wanting shared wifi it's hard to get that mainstream.


Wii-Kart code 2707-2013-4642~~~~~~ Diablo 3 drbowtie#1495

Commodore64....playing Crysis on high


**Noctua Owners Club: Member #2 - NH-D14**


#20 scr4wl


Posted 21 February 2017 - 06:12 AM

You don't need any special tools to crack any wifi in Windows.... Windows will do it for you via command prompt... YouTube it


Are you talking about netsh? That would require the Windows computer to have at some point been connected to the wireless network.

Otherwise, with Windows I think you would need tools. Maybe things have changed with PowerShell now though?
