Book Image

Mastering Kali Linux Wireless Pentesting

By : Sak, Raghu Ram
Book Image

Mastering Kali Linux Wireless Pentesting

By: Sak, Raghu Ram

Overview of this book

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit. This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology. By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.
Table of Contents (11 chapters)
10
Index

Attacking SNMP

The identification of the SNMP community string can yield a wealth of information about the wireless device and potentially a way to change the configuration via the 'write' community string. In this section, we will use a tool, onesixtyone, included in Kali to attempt to brute force these community strings. Of course, in order to use this tool, you will need to be able to reach the administrative interface of the access point or wireless router. You will not be able to accomplish this without first being connected to the wired or wireless network hosted by the AP. Follow these steps:

  1. Similar to our attack on SSH, you will need a dictionary file to brute force the community strings. There are several examples on the Internet that can be readily obtained for this purpose or you can use a general word list or dictionary file. The benefit of a specialized word list is that it could reduce the amount of time required to find the SNMP community string. The file we will...