Book Image

Kali Linux Wireless Penetration Testing Cookbook

By : Sean-Philip Oriyano
Book Image

Kali Linux Wireless Penetration Testing Cookbook

By: Sean-Philip Oriyano

Overview of this book

More and more organizations are moving towards wireless networks, and Wi-Fi is a popular choice. The security of wireless networks is more important than ever before due to the widespread usage of Wi-Fi networks. This book contains recipes that will enable you to maximize the success of your wireless network testing using the advanced ethical hacking features of Kali Linux. This book will go through techniques associated with a wide range of wireless penetration tasks, including WLAN discovery scanning, WEP cracking, WPA/WPA2 cracking, attacking access point systems, operating system identification, vulnerability mapping, and validation of results. You will learn how to utilize the arsenal of tools available in Kali Linux to penetrate any wireless networking environment. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed. By finishing the recipes, you will feel confident conducting wireless penetration tests and will be able to protect yourself or your organization from wireless security threats.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Wireless Penetration Testing Cookbook
Sean-Philip Oriyano
Dec, 2017 | 216 pages
Small book image
Kali Linux Wireless Penetration Testing Beginner???s Guide
Vivek Ramachandran | Cameron Buchanan
Dec, 2017 | 210 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
Glen D Singh | SeanPhilip Oriyano
Feb, 2019 | 302 pages
Small book image
Ethical Hacking Workshop
Mohammed Abutheraa | Rishalin Pillay
Oct, 2023 | 220 pages
Table of Contents (8 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Kali Linux and Wireless Networking
Kali Linux and Wireless Networking
Introduction
Installing Kali Linux
Installing Kali Linux on a PC
Installing Kali in a virtual environment
Updating Kali Linux
Preparing for wireless pentesting
2
Attacking Access Controls
Attacking Access Controls
Introduction
Working with war driving
Mapping access points and increasing accuracy
Creating a rogue access point
Evading MAC filtering with MAC spoofing
Identifying promiscuous clients
3
Attacking Integrity Controls
Attacking Integrity Controls
Introduction
Sniffing on a wireless network
Working with monitor mode and packet injection
Performing a data replay
Cracking WEP
4
Attacking Confidentiality
Attacking Confidentiality
Introduction
Creating an evil twin
Man-in-the-middle with wireless
Cracking WEP
5
Attacking Availability
Attacking Availability
Introduction
Executing a deauthentication flood
Detecting beacon frames
Spoofing beacon frames
Creating a beacon flood
ARP cache poisoning
6
Authentication Attacks
Authentication Attacks
Attacks against authentication
Types of attack
WEP attacks
WPA and WPA2 attacks
Attacking WPS
7
Bluetooth Attacks
Bluetooth Attacks
Introduction
A brief history of Bluetooth
Bluetooth in operation
Vulnerabilities in Bluetooth
Selecting the Bluetooth hardware
Types of attack
Bluesmacking
Bluejacking
Bluesnarfing

ARP cache poisoning

In this recipe, we are not going to be directly assaulting the wireless network, but manipulating something that is present in the networks to carry out actions, such as sniffing or man-in-the-middle attacks. The technique we're exploring here is something known as ARP cache poisoning, and is something that can be used on any network that is using the TCP/IP protocol.

So what is ARP? Well ARP, or address resolution protocol, is a component of the TCP/IP protocol that is used to link a logical addresses or IP addresses to a physical address or MAC address. In practice, the following is what happens with ARP.

Let's imagine a situation where you have two clients that are on the same subnet who wish to initiate communication with one another. In this situation, an IP address is not needed in the normal sense because there are no routing requirements present...

Previous Section
End of Chapter 5
Next Chapter