I was wondering, why can rogue APs not capture WPA passkeys?
I know that several wireless cards have the ability to create an access point, and after a user connects they can be phished and spoofed. I know that they cannot currently capture passwords because it requires a 4-way handshake, and your AP must already know the passphrase. What I am wondering is, since the AP must compare the passwords in some way, why can an access point not have a password of all like "Password='*'" and then send the passphrase to the user? Even if this was a "re-invent the wheel" situation, wouldn't it be worth it?
This makes me wonder if a hacker could re-invent other services to get protected data.
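An added example, not part of the original post: a minimal Python model of the WPA2-PSK key derivation and message 2 of the 4-way handshake, showing that the client transmits only a nonce and a MIC keyed from the passphrase, never the passphrase itself, so an AP configured with a different value such as `*` has nothing to compare and the check simply fails. The SSID, MAC addresses, passphrase and the simplified frame body are constructed for illustration.

```python
import hashlib, hmac, os

def pmk(passphrase: str, ssid: str) -> bytes:
    # WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def ptk(pmk_: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # IEEE 802.11 PRF-512: HMAC-SHA1(PMK, label || 0x00 || data || counter), 64 bytes
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    label = b"Pairwise key expansion\x00"
    blocks = (hmac.new(pmk_, label + data + bytes([i]), hashlib.sha1).digest()
              for i in range(4))
    return b"".join(blocks)[:64]

def mic(ptk_: bytes, frame: bytes) -> bytes:
    # WPA2 MIC: HMAC-SHA1 keyed with the KCK (first 16 bytes of the PTK), cut to 16 bytes
    return hmac.new(ptk_[:16], frame, hashlib.sha1).digest()[:16]

def client_message2(passphrase, ssid, ap_mac, sta_mac, anonce):
    # The client answers the AP's ANonce with its own SNonce and a MIC over the frame.
    snonce = os.urandom(32)
    frame = b"EAPOL-KEY-MSG2|" + snonce  # constructed stand-in for the real EAPOL-Key frame
    key = ptk(pmk(passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    return snonce, frame, mic(key, frame)

def ap_accepts(ap_passphrase, ssid, ap_mac, sta_mac, anonce, snonce, frame, recv_mic):
    # The AP recomputes the MIC from ITS OWN configured passphrase and compares.
    key = ptk(pmk(ap_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    return hmac.compare_digest(mic(key, frame), recv_mic)

def demo():
    ssid = "ExampleNet"                      # constructed sample values
    ap_mac = bytes.fromhex("020000000001")
    sta_mac = bytes.fromhex("020000000002")
    secret = "correct horse battery"
    anonce = os.urandom(32)
    snonce, frame, m = client_message2(secret, ssid, ap_mac, sta_mac, anonce)
    genuine = ap_accepts(secret, ssid, ap_mac, sta_mac, anonce, snonce, frame, m)
    wildcard = ap_accepts("*", ssid, ap_mac, sta_mac, anonce, snonce, frame, m)
    on_air = secret.encode() in (snonce + frame + m)  # is the passphrase in anything sent?
    return genuine, wildcard, on_air

if __name__ == "__main__":
    print(demo())
```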