Results 1 to 4 of 4

Thread: MITM on Unsecured Wireless AP

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    May 2007
    Posts
    15

    Question MITM on Unsecured Wireless AP

    I wanted to demonstrate legal and technical hazards of leaving the Wireless APs in unsecured mode (without WEP or WAP-PSK), largely at Home installations.

    I understand that Man in the Middle Attacks are possible which leads to some one, not only getting connected to your AP and having a free ride on your money but also commit some crime while stealing your information that gets passed through the same AP.

    How should I demonstrate this live using Remote Exploit or any other MITM tool?

    Pls advise!!

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Magnet View Post
    I wanted to demonstrate legal and technical hazards of leaving the Wireless APs in unsecured mode (without WEP or WAP-PSK), largely at Home installations.

    I understand that Man in the Middle Attacks are possible which leads to some one, not only getting connected to your AP and having a free ride on your money but also commit some crime while stealing your information that gets passed through the same AP.

    How should I demonstrate this live using Remote Exploit or any other MITM tool?

    Pls advise!!
    You really wouldn't need to do a MIM attack to demonstrate that. If the AP is open, all you need to do is capture the traffic using the sniffer of your choice.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Member
    Join Date
    Oct 2006
    Posts
    130

    Default

    Quote Originally Posted by streaker69 View Post
    You really wouldn't need to do a MIM attack to demonstrate that. If the AP is open, all you need to do is capture the traffic using the sniffer of your choice.
    Well, to demonstrate it, use your selected tool and do it... how hard is that??

    But i'm thinking you want a step by step, how do I do a MIM attack...

    Which you won't get here. Go read the man.

  4. #4
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by Magnet View Post
    How should I demonstrate this live using Remote Exploit or any other MITM tool?

    Pls advise!!
    1. Assure yourself in legal test environment.
    2. Connect to "open AP"
    3. Do whatever you want.

    MITM attack is completely unnecessary as all the traffic is already yours for the taking.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •