Description: Welcome to Part 25 of the WLAN Security Megaprimer! Please start this series by watching Part 1 (http://www.securitytube.net/video/1756) if you have not done so already.
In this video, we will explore the interesting world of WPA/WPA2 Honeypots. In previous videos, we have seen that if the Client profile contains an Open and No Encryption network, it is trivial to create a Honeypot and have the client connect to us.
In the case of WEP, we found that it was possible to do the same thing. Also, by using the Caffe Latte Attack or the Hirte attack, one could crack the WEP key with just the client.
The WPA/WPA2 PSK case is interesting. We could create an AP with the same SSID and settings. Once the client connects to us, we get the first two packets of the WPA handshake. Once we have these, we could try to crack the WPA key using a dictionary attack.
Of course, the most important question: how do we know which security settings the Client's probed SSID uses? We solve this as well in this video :)