Book Image

Kali Linux Wireless Penetration Testing Cookbook

By : Sean-Philip Oriyano
Book Image

Kali Linux Wireless Penetration Testing Cookbook

By: Sean-Philip Oriyano

Overview of this book

More and more organizations are moving towards wireless networks, and Wi-Fi is a popular choice. The security of wireless networks is more important than ever before due to the widespread usage of Wi-Fi networks. This book contains recipes that will enable you to maximize the success of your wireless network testing using the advanced ethical hacking features of Kali Linux. This book will go through techniques associated with a wide range of wireless penetration tasks, including WLAN discovery scanning, WEP cracking, WPA/WPA2 cracking, attacking access point systems, operating system identification, vulnerability mapping, and validation of results. You will learn how to utilize the arsenal of tools available in Kali Linux to penetrate any wireless networking environment. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed. By finishing the recipes, you will feel confident conducting wireless penetration tests and will be able to protect yourself or your organization from wireless security threats.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Wireless Penetration Testing Cookbook
Sean-Philip Oriyano
Dec, 2017 | 216 pages
Small book image
Kali Linux Wireless Penetration Testing Beginner???s Guide
Vivek Ramachandran | Cameron Buchanan
Dec, 2017 | 210 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
Glen D Singh | SeanPhilip Oriyano
Feb, 2019 | 302 pages
Small book image
Ethical Hacking Workshop
Mohammed Abutheraa | Rishalin Pillay
Oct, 2023 | 220 pages
Table of Contents (8 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Kali Linux and Wireless Networking
Kali Linux and Wireless Networking
Introduction
Installing Kali Linux
Installing Kali Linux on a PC
Installing Kali in a virtual environment
Updating Kali Linux
Preparing for wireless pentesting
2
Attacking Access Controls
Attacking Access Controls
Introduction
Working with war driving
Mapping access points and increasing accuracy
Creating a rogue access point
Evading MAC filtering with MAC spoofing
Identifying promiscuous clients
3
Attacking Integrity Controls
Attacking Integrity Controls
Introduction
Sniffing on a wireless network
Working with monitor mode and packet injection
Performing a data replay
Cracking WEP
4
Attacking Confidentiality
Attacking Confidentiality
Introduction
Creating an evil twin
Man-in-the-middle with wireless
Cracking WEP
5
Attacking Availability
Attacking Availability
Introduction
Executing a deauthentication flood
Detecting beacon frames
Spoofing beacon frames
Creating a beacon flood
ARP cache poisoning
6
Authentication Attacks
Authentication Attacks
Attacks against authentication
Types of attack
WEP attacks
WPA and WPA2 attacks
Attacking WPS
7
Bluetooth Attacks
Bluetooth Attacks
Introduction
A brief history of Bluetooth
Bluetooth in operation
Vulnerabilities in Bluetooth
Selecting the Bluetooth hardware
Types of attack
Bluesmacking
Bluejacking
Bluesnarfing

Performing a data replay

Now let's take things up a notch by performing a follow-on attack to sniffing commonly known as a replay, or data replay. As the name suggests, information that is captured from the network is stored and then played back to the network device it was directed at. However, the attack can be much more dangerous if the right information is collected and little to no protective measures are used on the defensive side.

Information such as login credentials that could be captured during a victims' login process could simply be replayed at a server or another resource and access granted. This would be tremendously effective in environments where protocols that are not encrypted are in use.

In this recipe, we will perform a replay attack using the Address Resolution Protocol (ARP), but this attack could be modified to carry out other protocols and actions...

Previous Section
End of Section 5
Next Section