OP 03 June, 2022 - 12:14 AM
(This post was last modified: 03 June, 2022 - 12:39 AM by HaxSploit. Edited 5 times in total. Edit Reason: Typo)
Hi,
I am new around here and I have currently 8 replies on exactly 8 posts. After I saw the rules and noticed the ban list reasons and put two and two together I came here but as ironically suspicious as that sounds I wanted to make this post due to a problem I have come across over the years on Wifi-Hacking in retrieving the Wifi Password due to the absolute lack of success of mainstream methods and being as "anonymous" or as safe as possible and recently a lack of information, experimentation and easy to understand documentation of "Frag Attacks." - something to spice the place up.
I have enjoyed the concept of Wifi Hacking but it seems we have hit a wall. I'm gonna be honest and let out my feelings like a little 9 year old and say, I don't want to hear about another Pixie Attack WPS Tutorial, airgeddon this, aircrack that, dictionary Attacks here, Something about hashes over there, I'm done. I understand I sound unappreciative of all efforts of cyber security advancements within mostly Kali distros over the years to even see what these tools are... like Aircrack, Wifite, Airgeddon, Heck even Kismet, Maybe even the sad glitchy and buggy relic that is LazyScript. I know I can't talk too much knowing myself especially but basically, here I will put my common but sad thoughts on the current attacks I more or less understand with an addition to think about to make better posts over time for future posts so it does not become clutter over time and then something on Frag Attacks in regards to Wifi-Hacking which has caught my eye.
Dictionary attacks - Takes too long even if hashed. What kind of recon would one have to do to help a dictionary attack be better prepared to bruteforce?
WPS attacks - Besides bashing on the fact that with every 6-12 months WPS attack success will hit zero eventually excluding demo tests, you can have a network say WPS enabled but if it's not configured how would you know? How do you properly fine-tune your WPS pin attacks so you don't get timed out as much or worse locked out, or strategies around it? Not mentioning fixing glitches or maybe legit reasons why common WPS cracking scripts are always stuck on 1 pin testing it over and over.
Evil Twin Attack - Cool and all until you realize that the "victim" has to use a login page with whatever it says.. which is literally only for clues..
ARP Poisoning Relay attack - Nearly the same results as the Evil Twin attack but, This is easily detectable on certain networks and you could get flagged/blocked.
Man In The Middle Attack ^
Krack Attack - nearly the same thing... ARP related, but Relaying a network without the SSL Strip in URL. -This is not really for Wifi passwords though
Mac changer - Usually used only for Wifi with Login pages, Paid wifi.... and things of that nature but slap in some regular WEP/WPA/WPA2/WPA3 password and Poof method is terrible.
-Although... there is some theoretical usage of Authentication with this on regular wifi networks but I have not seen any solid documentation yet.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Now for something I would like to see on user posted experiments and tutorial steps for achieved results and how to stay anonymous also while performing such attacks as always with every attack (Usually people do not make their tutorials intertwined with those critical steps for the real world.)
Frag Attacks:
What Are Wi-Fi Frag Attacks and How Can You Protect Against Them? Short for "fragmentation" and "aggregation", Frag attacks allow hackers to bypass firewalls to inject code into Wi-Fi traffic. A new set of vulnerabilities known as Frag attacks have been discovered in Wi-Fi-enabled devices.
A website: rather than you clicking on my link, I'd rather you just search the necessary keywords in your favorite web browser to get to the same place, to reduce risk in general for you as a user.
https://www.fragattacks.com/
This website has a ton of documentation of this kind of attack and recently I got an understanding of the attack. Even though this is a great source and YouTube has 2-3 videos on this attack by the same person, it's more of a demo where not everything is explained in the best way possible. Simply because it's a demo, not a tutorial.
This is their GitHub: https://github.com/vanhoefm/fragattacks
-same warning in regards to the link above...
I attempted to "install" everything I needed but it may be the high level vocabulary of Linux related devices and interfaces and directories and... dependencies but like many I struggle to grasp everything at once especially when it's prepared. I'm not saying I need baby food information but.. this is pre-processed information and yeah I'm trying okay..
Regardless of this, the official demo they have is very interesting in how this works. While this is technically not.. "new", WEP/WPA/WPA2/WPA2-PSK/WPA3 is.. vulnerable and it's a 50/50 shot per AP router and idk about you but knowing how things are usually around us... these are pretty good odds for a documentation with some factors accounted in regards to your target. Anyway I would appreciate more research on this by the community because I think it's great and I would love to see a well-put tutorial on this.
Appreciate any support of the matter. Point is to dumb down the documentation and information and create assembly line tutorials for this so it's easy for everyone to do and replicate.
-Potentially idk Just something I wanted to bring up. :)