Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By : Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran
Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By: Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran

Overview of this book

As wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. This has been highlighted again recently with the discovery of the KRACK attack which enables attackers to potentially break into Wi-Fi networks encrypted with WPA2. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes. Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. You'll learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
Table of Contents (21 chapters)
Kali Linux Wireless Penetration Testing Beginner's Guide Third Edition
Credits
Disclaimer
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
Index

Time for action – uncovering hidden SSIDs


Perform the following instructions to get started:

  1. Using Wireshark, if we monitor beacon frames in the Wireless Lab network, we are able to see the SSID in plain text. You should see beacon frames, as shown in the following screenshot:

  2. Configure your access point to set the Wireless Lab network as a hidden SSID. The configuration option to do this may differ across access points. In my case, I need to check the Invisible option in the Visibility Status option, as shown in the following screenshot:

  3. Now if you take a look at the Wireshark trace, you will find that the SSID Wireless Lab has disappeared from the beacon frames. This is what hidden SSIDs are all about:

  4. In order to bypass beacon frames, we will first use the passive technique of waiting for a legitimate client to connect to the access point. This will generate probe request and probe response packets that will contain the SSID of the network, thus revealing its presence:

  5. Alternatively, you can...