Book Image

Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition

By : Cameron Buchanan
Book Image

Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition

By: Cameron Buchanan

Overview of this book

Table of Contents (19 chapters)
Kali Linux Wireless Penetration Testing Beginner's Guide
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Disclaimer
Preface
Index

Attack


Once reconnaissance has been performed, exploitation must be performed for proof of concept. If the attack is being performed as part of a red team or wider assessment, then exploitation should be performed to gain access to the network as surreptitiously as possible.

In our attacking phase, we will explore the following:

  • Cracking the encryption

  • Attacking the infrastructure

  • Compromising clients

  • Finding vulnerable clients

  • Finding unauthorized clients

Cracking the encryption

The first step is to retrieve the keys for any vulnerable networks identified. If networks with WEP exist, perform the WEP-cracking methods explained in Chapter 4, WLAN Encryption Flaws. If WPA2-secured systems are present, you have two choices. If aiming to be stealthy, arrive on-site at times when individuals are likely to be authenticating or re-authenticating. These times are likely to be:

  • Start of the day

  • Lunch time

  • End of the day

At this time, set up your WPA key retrieval setup as shown in Chapter 4, WLAN Encryption...