Is it possible for an attacker to change the SSID in order to compromise the password?

H

hail3b2016-02-17 19:54:35

WiFi

hail3b, 2016-02-17 19:54:35

Everyone knows that if several Wi-Fi access points are assigned the same SSID and password, then the client, once connected to the first one, will successfully connect to the second one.
How does this happen? I think that when you first connect to Wi-Fi, a connection profile is created and the password, along with the SSID, is saved by the client. Then Wi-Fi is scanned and if the same SSID is located, authorization occurs. Moreover, if two Wi-Fi with the same SSID are available, then the connection is made to the one with the best signal level. And during authorization, the client passes the "password" to the point.
If so, is it possible for an attacker to steal the "password" from any NOT HIDDEN SSID Wi-Fi access point by replacing the SSID?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

C

Cool Admin, 2016-02-17
@hail3b

It's not quite right. The client does not provide a password to the point when connecting. Based on the password, poppy address of the client, poppy address of the point (BSSID) and network name (SSID), a temporary key is generated (it is run many times through a meat grinder, so it is not possible to recover the original password), and now we are going to the point with it, if the point accepted it, we connected, if not, we broke off. (in fact, everything is a little more complicated, and we don’t just pass this porridge to the point) It is not possible
to recover the password from this porridge. But all this if you have WPA (and preferably 2) ... if not, then ... the details are there:
habrahabr.ru/post/226431