Book Image

Kali Linux Wireless Penetration Testing Cookbook

By : Sean-Philip Oriyano
Book Image

Kali Linux Wireless Penetration Testing Cookbook

By: Sean-Philip Oriyano

Overview of this book

More and more organizations are moving towards wireless networks, and Wi-Fi is a popular choice. The security of wireless networks is more important than ever before due to the widespread usage of Wi-Fi networks. This book contains recipes that will enable you to maximize the success of your wireless network testing using the advanced ethical hacking features of Kali Linux. This book will go through techniques associated with a wide range of wireless penetration tasks, including WLAN discovery scanning, WEP cracking, WPA/WPA2 cracking, attacking access point systems, operating system identification, vulnerability mapping, and validation of results. You will learn how to utilize the arsenal of tools available in Kali Linux to penetrate any wireless networking environment. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed. By finishing the recipes, you will feel confident conducting wireless penetration tests and will be able to protect yourself or your organization from wireless security threats.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Wireless Penetration Testing Cookbook
Sean-Philip Oriyano
Dec, 2017 | 216 pages
Small book image
Kali Linux Wireless Penetration Testing Beginner???s Guide
Vivek Ramachandran | Cameron Buchanan
Dec, 2017 | 210 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
Glen D Singh | SeanPhilip Oriyano
Feb, 2019 | 302 pages
Small book image
Ethical Hacking Workshop
Mohammed Abutheraa | Rishalin Pillay
Oct, 2023 | 220 pages
Table of Contents (8 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Kali Linux and Wireless Networking
Kali Linux and Wireless Networking
Introduction
Installing Kali Linux
Installing Kali Linux on a PC
Installing Kali in a virtual environment
Updating Kali Linux
Preparing for wireless pentesting
2
Attacking Access Controls
Attacking Access Controls
Introduction
Working with war driving
Mapping access points and increasing accuracy
Creating a rogue access point
Evading MAC filtering with MAC spoofing
Identifying promiscuous clients
3
Attacking Integrity Controls
Attacking Integrity Controls
Introduction
Sniffing on a wireless network
Working with monitor mode and packet injection
Performing a data replay
Cracking WEP
4
Attacking Confidentiality
Attacking Confidentiality
Introduction
Creating an evil twin
Man-in-the-middle with wireless
Cracking WEP
5
Attacking Availability
Attacking Availability
Introduction
Executing a deauthentication flood
Detecting beacon frames
Spoofing beacon frames
Creating a beacon flood
ARP cache poisoning
6
Authentication Attacks
Authentication Attacks
Attacks against authentication
Types of attack
WEP attacks
WPA and WPA2 attacks
Attacking WPS
7
Bluetooth Attacks
Bluetooth Attacks
Introduction
A brief history of Bluetooth
Bluetooth in operation
Vulnerabilities in Bluetooth
Selecting the Bluetooth hardware
Types of attack
Bluesmacking
Bluejacking
Bluesnarfing

Bluesnarfing

Bluesnarfing is an interesting and very powerful attack that can be employed against vulnerable devices. In a nutshell, Bluesnarfing is the unauthorized access of device through a Bluetooth connection, often between phones, laptops, and similar types of devices. This attack provides access to various types of data and resources on the target, and on some phones users can copy pictures and private videos.

This type of attack targets any Bluetooth capable device that has its connection turned on and is discoverable by a scanning party. Turning off Bluetooth as well as keeping a device from being discoverable is a workaround for this problem.

For a device to be targeted, the attacker must guess the device's MAC address via a brute force attack. As is normal with brute force attacks, guessing the right MAC address is only a matter of time.

Bluetooth uses a 48-bit...
Previous Section
End of Chapter 7
Next Chapter