
> spoof an access point with the same SID

Pwnagotchi does not do this, despite your errant assertions. E.g. source code: https://github.com/evilsocket/pwnagotchi/blob/64e677f5df8f9b...

> Voila, cleartext PSK without any bruteforcing.

Pretending to be an access point and going through a handshake doesn't let you retrieve the pre-shared key. (Unless the client is vulnerable to downgrade attacks, which hasn't been a big consideration in more than a decade.) Evil twin attacks are powerful but don't achieve what you say.

The station sends to the access point a message authentication code based on nonces and the pairwise master key, which in turn is based on the "network password". It's produced using a series of HMACs and isn't an operation that can be inverted without brute force.

https://en.wikipedia.org/wiki/IEEE_802.11i-2004#/media/File:...
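The derivation the comment describes, written out as an added example (not code from the comment or from Pwnagotchi): the PMK comes from the passphrase and SSID via PBKDF2, the PTK from the PMK plus both nonces and both MAC addresses via the 802.11i PRF, and the EAPOL-Key MIC from HMAC-SHA1 over the frame with the KCK. Every input value (SSID, passphrase, MACs, nonces, the abbreviated EAPOL frame) is constructed; the point is that the 16-byte MIC an observer sees is a chain of one-way HMACs that also depends on the per-handshake nonces, so it can be recomputed and compared but never inverted.

```python
import hashlib
import hmac

# All values below are constructed for illustration, not taken from any real capture.
SSID = b"example-net"
PASSPHRASE = b"correct horse battery staple"
AP_MAC = bytes.fromhex("020000000001")   # authenticator address (AA)
STA_MAC = bytes.fromhex("020000000002")  # supplicant address (SPA)
ANONCE = bytes(range(32))                # nonce chosen by the access point
SNONCE = bytes(range(32, 64))            # nonce chosen by the station
# Abbreviated, constructed EAPOL-Key message 2 with its MIC field already zeroed.
EAPOL_MSG2 = b"\x01\x03\x00\x75\x02\x01\x0a" + b"\x00" * 0x70


def derive_pmk(passphrase: bytes, ssid: bytes) -> bytes:
    """WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, ssid, 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK for CCMP is 48 bytes: KCK (16) | KEK (16) | TK (16).
    Addresses and nonces are ordered min/max so both sides derive the same key."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def eapol_mic(kck: bytes, frame_with_zeroed_mic: bytes) -> bytes:
    """Key descriptor version 2 (AES/CCMP): MIC = HMAC-SHA1(KCK, frame)[:16]."""
    return hmac.new(kck, frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def handshake_mic(passphrase, ssid, aa, spa, anonce, snonce, frame) -> bytes:
    """What the station actually transmits: the MIC, never the PMK or passphrase."""
    pmk = derive_pmk(passphrase, ssid)
    ptk = derive_ptk(pmk, aa, spa, anonce, snonce)
    return eapol_mic(ptk[:16], frame)  # KCK is the first 16 bytes of the PTK


if __name__ == "__main__":
    print(handshake_mic(PASSPHRASE, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, EAPOL_MSG2).hex())
```

Swapping the two MAC addresses and nonces yields the same PTK, which is what lets the AP verify the MIC; changing either nonce or the passphrase changes it.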
