Not getting an AP Probe Response #1
Comments
I have the same problem! |
You're right, that's why I have step 5 in main(), with deauth jamming on the real AP channel. Maybe I shouldn't wait for a probe request, and directly send probe responses on fake channel? I'll give it a try. |
Answer is here: https://hackerone.com/reports/286740
I need to use CSA |
Have to find the CSA struct. Maybe in hostapd repo ieee.h somewhere. |
I see it needs wlan1 and wlan0 |
You need two wifi cards that can be used in monitor mode. If you only have one, you need to purchase another one (awus036h for example). But this PoC is WIP, so not working for now. |
I use a laptop, if I use a laptop with its own wireless network card and an external card, can you? |
Just check the paper for details. As I said, you need two wifi cards that can monitor traffic. Internal/external is irrelevant. |
Commit #f962b19 |
I saw you updated CSA, and want to ask you: can this PoC be achieved and used to attack, or is it just a vulnerability verification? |
Its goal is to be a full PoC, not just a vulnerability verification (scapy has a module for that) |
Thank you. So do you mean this PoC is usable now, or is it still being completed? My English is very bad, please forgive me. |
It's not finished. It will be finished when I remove "WIP" tag from project name (see TODO list in the Readme) |
Thank you very much, my leader wanted me to study this vulnerability, but I have absolutely no contact with this protocol, I prefer web security, but spent the day yesterday studying https://github.com/vanhoefm/krackattacks-test-ap-ft in the tool, they found only poc, until encountered your project, I am pleased to meet you, if you can become friends |
Succeeded to have a |
Does the target AP have to have CSA enabled in order to get an AP probe response? |
I'm not sure I got your question. Target AP doesn't need to have anything enabled. Client has to understand CSA requests though. |
OK, I'm just trying to understand this better, so for the AP probe response to work correctly, someone needs to join the target's AP, that's why there is a jammer. Could it be the jammer that doesn't kick everyone off the AP long enough for you to catch the response probe? |
I'm only kicking the targeted client, and it's working, it's just unstable, as I said before 😉 |
Hey, I see an exploit on GitHub. This may be of some help for you. The address is https://github.com/NoahhhRyan/krackattacks-test and the doc address is http://www.freebuf.com/articles/wireless/153255.html. Good luck! |
Hello, Thank you for sharing. I saw that and it has plenty of useful information, but it's neither implementing MitM nor crypto attack. Useful paper is channel-based MitM for those who wanna try to make this script work better. |
Haha, this agreement is not very understand, I wish you an early completion of your exploit |
I enforce it, an error occurred that "Could not retreive an AP Probe response". What should I do next? |
Is it possible to use the code for WPA-TKIP? |
@Tomotaa : It might be necessary to force AP Probe Response with a manual deauth |
@sergeyzapor The PoC is imperfect. So it's hard to attack successfully. Also the |
Are there any plans to update this PoC to increase stability? Would be really great! |
Are there any plans to update this? The last update was a long time ago~ I hope it can be finished, pls~ |
Hi, no, I don't have time to update it. But please feel free to do so! |
I would like to ask if it is necessary to save AP Probe response. |
Not maintained anymore. |
I know it's early (WIP), but I thought I'd mention that the program will only get an AP Probe Response if someone is joining the network. If the target is already associated to the AP, it needs to get deauthed before listening for a Probe Response.