Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By : Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran
Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By: Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran

Overview of this book

As wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. This has been highlighted again recently with the discovery of the KRACK attack which enables attackers to potentially break into Wi-Fi networks encrypted with WPA2. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes. Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. You'll learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
Table of Contents (21 chapters)
Kali Linux Wireless Penetration Testing Beginner's Guide Third Edition
Credits
Disclaimer
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
Index

Time for action – sniffing data packets for our network


In this exercise, we will learn how to sniff data packets for a given wireless network. For the sake of simplicity, we will look at packets without any encryption.

Follow these instructions to get started:

  1. Switch on the access point we named Wireless Lab. Let it remain configured to use no encryption.

  2. We will first need to find the channel on which the Wireless Lab access point is running. To do this, open a terminal and run airodump-ng --bssid <mac> wlan0mon, where <mac> is the MAC address of our access point. Let the program run, and shortly you should see your access point shown on the screen along with the channel it is running on.

  3. We can see from the preceding screenshot that our access point Wireless Lab is running on channel 11. Note that this may be different for your access point.

    In order to sniff data packets going to and from this access point, we need to lock our wireless card on the same channel, that is channel...