It seems as though if PMF is enabled, deauthentication is essentially impossible without giving a full DoS to the router itself in a more complex way because the router and victim will reject the management frames which are not authenticated.
Is this correct? And if so, is it fair to say that deauthing then using a captive portal is a waste of time?
Additionally, if it's unknown whether or not the target router and victim's devices are using PMF, is there any way to verify technologically whether deauthentication packets are having any effect?
Or is there no way to tell the difference between a deauth'ed victim who never connects to the rogue access point and one who was never deauth'ed due to PMF in the first place?
Can I perhaps analyse the packets in some particular way if I can capture a handshake, to see if PMF is enabled?
[link] [comments]
from hacking: security in practice https://ift.tt/bd8mpqK
Comments
Post a Comment