[Nulled] » Information security » Social Engineering » 🌐 Fake Wi-Fi access points.
January 26 2023

🌐 Fake Wi-Fi access points.

🌐 Fake Wi-Fi access points.

It is necessary to note one more risk factor (and for some, an opportunity) when using Wi-Fi technologies: fake access points. Attacks of this type have been carried out for about 15 years (the first known case was the use of a tool called "Jasager" in 2008), and are very simple: firstly, it is not difficult to develop a tool for such an attack on your own, and secondly, a number of relevant devices are available for sale (for example, Wi-Fi Pineapple).

You can find out more about the technical side of the case below:

A discussion of such attacks using microcontrollers is available in the materials of the HOPE 2020 video conference.
The principle of operation of the Wi-Fi Pineapple Mark VII is also clearly presented on YouTube.

Such devices fit into a small bag and, when turned on, "capture" the Wi-Fi environment in any public place or room (bar, restaurant, cafe, train station, etc.). The coverage of the space is limited only by the signal strength of the device itself, which replaces the Wi-Fi networks around it, while blocking Wi-Fi clients in the reach zone from accessing the "genuine" network. To do this, in particular, a DoS attack of the type "deauthentication" (Wi-Fi deauthentication) or "disassociation" (Wi-Fi dissociation) is carried out, which continues until the target devices attempt to connect to the substituted access point.

The attacker's device can either simulate an adaptive portal (captive portal) with the same external configuration as the Wi-Fi network to which the victim's device is trying to access (for example, the airport check-in portal), or simply provide the victim with unlimited access to the local network, at the same time intercepting all traffic. As soon as the victim connects to the network through a fake access point, an attacker can use such a point to carry out any MITM attacks: redirect the victim to infected or fake sites, intercept traffic, and so on. Also, an attacker is able to easily identify any client trying, for example, to connect to a VPN server or a Tor network.

As for deanonymization, such techniques can be used as follows: the attacker knows that the target is in some public place, but it is not known who it is specifically. Using the device described above at the same time allows an attacker to fix any site visited by each visitor of such a place through a compromised Wi-Fi network, despite protection such as HTTPS, DoT, DoH, ODoH, VPN or Tor. In essence, traffic analysis in this case is conducted according to the same principles as when intercepting DNS requests.

The technologies described above can also be used to develop (including through careful imitation) advanced phishing web pages that will collect user credentials or require them to install a malicious file under the guise of a certificate that allows an attacker to analyze encrypted traffic from their devices.
Is there a way to somehow reduce the risks if you suddenly need to use a public Wi-Fi hotspot? With a high probability, traffic obfuscation using Tor — as an option, in combination with a VPN (Tor over VPN or VPN over Tor) — will allow you to complicate the actions of possible attackers.

Warning! You are not allowed to view this text.




Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

Related News

30 December 2022
Altcoins Blog
The number of Helium

The number of access points of the decentralized IoT Helium network is approaching 1 million. The new type of

Read more
26 January 2023
Anonymity on the web
🌐Devices with Wi-Fi and

🌐Devices with Wi-Fi and Bluetooth support. Part2 Now back to the Wi-Fi access points. It has been reliably

Read more
23 January 2023
Information security
Orca provided

Orca provided information about 4 server-side request forgery attacks (SSRF) in Microsoft Azure services,

Read more
14 March 2022
Information security»,DDOS
What are DDoS attacks

What are DDoS attacks and why is it harder to defend from year to year According to the NETSCOUT Threat

Read more
16 January 2023
Information security
Chat bot ChatGPT can

Chat bot ChatGPT can become a dangerous tool in the hands of intruders, social engineers and fake news

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +6 Total articles 6751
  • +18 Comments 4237
  • +29 Users : 6074