We will assume that the wireless client has a network Wireless Lab configured on it and it actively sends Probe Requests for this network, when it is not connected to any access point. In order to find the security configuration of this network, we will need to create multiple access points. For our discussion, we will assume that the client profile is either—an open network, WEP protected, WPA-PSK or WPA2-PSK. This would mean we would have to create four access points. To do this we will first create four virtual interfaces—mon0 to mon3 using the
airmon-ng start wlan0
command multiple times:You could view all these newly created interfaces using the
ifconfig –a
command:Now we will create the Open AP on mon0:
Let's create the WEP-protected AP on mon1:
The WPA-PSK AP will be on mon2:
We can run
airodump-ng
on the same channel to ensure all the four access points are up and running as shown:Now let's switch the...
BackTrack 5 Wireless Penetration Testing Beginner's Guide
By :
BackTrack 5 Wireless Penetration Testing Beginner's Guide
By:
Overview of this book
Wireless has become ubiquitous in today’s world. The mobility and flexibility provided by it makes our lives more comfortable and productive. But this comes at a cost – Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes. Backtrack 5 Wireless Penetration Testing Beginner’s Guide will take you through the journey of becoming a Wireless hacker. You will learn various wireless testing methodologies taught using live examples, which you will implement throughout this book. The engaging practical sessions very gradually grow in complexity giving you enough time to ramp up before you get to advanced wireless attacks.This book will take you through the basic concepts in Wireless and creating a lab environment for your experiments to the business of different lab sessions in wireless security basics, slowly turn on the heat and move to more complicated scenarios, and finally end your journey by conducting bleeding edge wireless attacks in your lab.There are many interesting and new things that you will learn in this book – War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Point MAC spoofing, Rogue Devices, Evil Twins, Denial of Service attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Attack, Man-in-the-Middle attacks, Evading Wireless Intrusion Prevention systems and a bunch of other cutting edge wireless attacks.If you were ever curious about what wireless security and hacking was all about, then this book will get you started by providing you with the knowledge and practical know-how to become a wireless hacker.
Table of Contents (18 chapters)
BackTrack 5 Wireless Penetration Testing
Credits
About the Author
About the Reviewer
www.PacktPub.com
Preface
Free Chapter
Wireless Lab Setup
WLAN and Its Inherent Insecurities
Bypassing WLAN Authentication
WLAN Encryption Flaws
Attacks on the WLANInfrastructure
Attacking the Client
Advanced WLAN Attacks
Attacking WPA-Enterprise and RADIUS
WLAN Penetration Testing Methodology
Conclusion and Road Ahead
Pop Quiz Answers
Index
Customer Reviews