WPA2 Half-Handshake
#6
The -b option (beaconing on the last 10 probes) will seduce clients which do not send probes, yet, to probe us and then to connect to us.


I'm having a bit of trouble parsing out what exactly this means. I am aware that many clients do not send probes, but if they don't send probes how can we beacon for them? Do we assume that they may "bite" at a beacon that matches a probe of a nearby (different) device just by chance? Or am I missing something?

The answer you gave is very helpful. It sounds like wlandump-ng is already doing what I was asking about, which is great news. I also had no idea about Alex's project. That is a wonderful idea; I am interested in contributing. Do you know where the product of much of that research goes? Like, are there downloadable wordlist files or blog posts etc. about the statistical analysis of passwords uploaded so far etc.?


Messages In This Thread
WPA2 Half-Handshake - by braxxox - 08-01-2017, 04:54 PM
RE: WPA2 Half-Handshake - by ZerBea - 08-01-2017, 05:09 PM
RE: WPA2 Half-Handshake - by ZerBea - 08-01-2017, 07:11 PM
RE: WPA2 Half-Handshake - by braxxox - 08-01-2017, 10:34 PM
RE: WPA2 Half-Handshake - by ZerBea - 08-01-2017, 11:23 PM
RE: WPA2 Half-Handshake - by braxxox - 08-02-2017, 03:22 AM
RE: WPA2 Half-Handshake - by ZerBea - 08-02-2017, 06:54 AM
RE: WPA2 Half-Handshake - by ThiagoAlvarenga - 08-02-2017, 04:48 AM
RE: WPA2 Half-Handshake - by ZerBea - 08-02-2017, 07:10 AM