Book Image

Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition

By : Cameron Buchanan
Book Image

Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition

By: Cameron Buchanan

Overview of this book

Table of Contents (19 chapters)
Kali Linux Wireless Penetration Testing Beginner's Guide
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Disclaimer
Preface
Index

Time for action – orchestrating a Mis-Association attack


Follow these instructions to get started:

  1. In the previous labs, we used a client that had connected to the Wireless Lab access point. Let's switch on the client but not the actual Wireless Lab access point. Let's now run airodump-ng mon0 and check the output. You will very soon find the client to be in the not associated mode and probing for Wireless Lab and other SSIDs in its stored profile:

  2. To understand what is happening, let's run Wireshark and start sniffing on the mon0 interface. As expected, you might see a lot of packets that are not relevant to our analysis. Apply a Wireshark filter to only display Probe Request packets from the client MAC you are using:

  3. In my case, the filter would be wlan.fc.type_subtype == 0x04 && wlan.sa == <my mac>. You should now see Probe Request packets only from the client for the previously identified SSIDs.

  4. Let's now start a fake access point for the network Wireless Lab on the hacker...