Wifi hacking can be a useful tool, but people are out here grinding on WPA2 handshake cracking tutorials & menu-driven attack tooling. When we built the 3rd and latest iteration of the wifi hacking course for #BlackHat - we did it to show what really works and how it really works. 1/7
Finding clients across the massively increased spectrum of 5/6/7 GHz needs different approaches if you want to be successful with a single wifi card on a pentest. (https://archive.org/details/youtube-eYsGyvGxlpI 2:33) 2/7
DEF CON 26 - singe - Practical and Improved Wifi MitM with Mana : DEFCONConference : Free Download, Borrow, and Streaming : Internet Archive

In 2014, we released the mana rogue AP toolkit at DEF CON 22. This fixed KARMA attacks which no longer worked against modern devices, added new capabilities...

Internet Archive
Very few people seem to know that PEAP relay gives you network access without needing to crack a password or for the victim to be onsite. (https://archive.org/details/youtube-eYsGyvGxlpI 17:12) 3/7
An otherwise well-implemented corporate AP setup can still be vulnerable to certificate validation problems that would allow you to impersonate a legitimate AP and capture credentials. (https://archive.org/details/youtube-eYsGyvGxlpI 10:28) 4/7
Even if you’re doing some old-fashioned WPA2 handshake cracking, do you know what it means when you only get frames 1 & 3 and how to handle it? Do you have a process for handshake cracking that moves you beyond getting lucky? 5/7
More importantly, have you built and architected your wifi networks to be defensible against someone that actually understands how the protocols work, and can modify what they’re doing in the face of obstacles? 6/7
If you’d like to learn the trade and not just the tricks - join us at BlackHat USA https://ow.ly/5FoC50VT5l8 FIN