Kali Linux Wireless Penetration Testing: Beginner's Guide
About this ebook
- Learn wireless penetration testing with Kali Linux; Backtrack’s evolution
- Detect hidden wireless networks and discover their names
- Explore advanced Wi-Fi hacking techniques including rogue access point hosting and probe sniffing
- Develop your encryption cracking skills and gain an insight into the methods used by attackers and the underlying technologies that facilitate these attacks
If you are a security professional, pentester, or anyone interested in getting to grips with wireless penetration testing, this is the book for you. Some familiarity with Kali Linux and wireless concepts is beneficial.
Vivek Ramachandran
Vivek Ramachandran is a world-renowned security researcher and evangelist. He is the discoverer of the wireless "Caffe Latte Attack" and has delivered presentations at world-renowned information security conferences such as Defcon and Toorcon in the US. His discoveries and talks have been widely quoted by the international media, including BBC Online, Network World, The Register, Mac World, Computer Online and others. In 2006, Microsoft declared Vivek one of the winners of the Microsoft Security Shootout Contest held in India among an estimated 65,000 participants. In 2005, he was awarded a team achievement award by Cisco Systems for his work on the 802.1x and Port Security modules. He is well known in the hacking and security community as the founder of SecurityTube.net, a free video-based computer security education portal which gets an estimated 100,000 monthly visitors. Vivek is also an accomplished trainer and travels around the world conducting workshops and training sessions for corporates and students. He holds a B.Tech degree from IIT Guwahati and acts as an advisor to the computer science department's Security Lab.
Book preview
Kali Linux Wireless Penetration Testing - Vivek Ramachandran
Table of Contents
Kali Linux Wireless Penetration Testing Beginner's Guide
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Disclaimer
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. Wireless Lab Setup
Hardware requirements
Software requirements
Installing Kali
Time for action – installing Kali
What just happened?
Have a go hero – installing Kali on VirtualBox
Setting up the access point
Time for action – configuring the access point
What just happened?
Have a go hero – configuring the access point to use WEP and WPA
Setting up the wireless card
Time for action – configuring your wireless card
What just happened?
Connecting to the access point
Time for action – configuring your wireless card
What just happened?
Have a go hero – establishing a connection in a WEP configuration
Pop quiz – understanding the basics
Summary
2. WLAN and its Inherent Insecurities
Revisiting WLAN frames
Time for action – creating a monitor mode interface
What just happened?
Have a go hero – creating multiple monitor mode interfaces
Time for action – sniffing wireless packets
What just happened?
Have a go hero – finding different devices
Time for action – viewing management, control, and data frames
What just happened?
Have a go hero – playing with filters
Time for action – sniffing data packets for our network
What just happened?
Have a go hero – analyzing data packets
Time for action – packet injection
What just happened?
Have a go hero – installing Kali on VirtualBox
Important note on WLAN sniffing and injection
Time for action – experimenting with your adapter
What just happened?
Have a go hero – sniffing multiple channels
The role of regulatory domains in wireless
Time for action – experimenting with your adapter
What just happened?
Have a go hero – exploring regulatory domains
Pop quiz – WLAN packet sniffing and injection
Summary
3. Bypassing WLAN Authentication
Hidden SSIDs
Time for action – uncovering hidden SSIDs
What just happened?
Have a go hero – selecting deauthentication
MAC filters
Time for action – beating MAC filters
What just happened?
Open Authentication
Time for action – bypassing Open Authentication
What just happened?
Shared Key Authentication
Time for action – bypassing Shared Authentication
What just happened?
Have a go hero – filling up the access point's tables
Pop quiz – WLAN authentication
Summary
4. WLAN Encryption Flaws
WLAN encryption
WEP encryption
Time for action – cracking WEP
What just happened?
Have a go hero – fake authentication with WEP cracking
WPA/WPA2
Time for action – cracking WPA-PSK weak passphrases
What just happened?
Have a go hero – trying WPA-PSK cracking with Cowpatty
Speeding up WPA/WPA2 PSK cracking
Time for action – speeding up the cracking process
What just happened?
Decrypting WEP and WPA packets
Time for action – decrypting WEP and WPA packets
What just happened?
Connecting to WEP and WPA networks
Time for action – connecting to a WEP network
What just happened?
Time for action – connecting to a WPA network
What just happened?
Pop quiz – WLAN encryption flaws
Summary
5. Attacks on the WLAN Infrastructure
Default accounts and credentials on the access point
Time for action – cracking default accounts on the access points
What just happened?
Have a go hero – cracking accounts using brute-force attacks
Denial of service attacks
Time for action – deauthentication DoS attacks
What just happened?
Have a go hero – disassociation attacks
Evil twin and access point MAC spoofing
Time for action – evil twins and MAC spoofing
What just happened?
Have a go hero – evil twins and channel hopping
A rogue access point
Time for action – cracking WEP
What just happened?
Have a go hero – rogue access point challenge
Pop quiz – attacks on the WLAN infrastructure
Summary
6. Attacking the Client
Honeypot and Mis-Association attacks
Time for action – orchestrating a Mis-Association attack
What just happened?
Have a go hero – forcing a client to connect to the Honeypot
The Caffe Latte attack
Time for action – conducting a Caffe Latte attack
What just happened?
Have a go hero – practise makes perfect!
Deauthentication and disassociation attacks
Time for action – deauthenticating the client
What just happened?
Have a go hero – disassociation attack on the client
The Hirte attack
Time for action – cracking WEP with the Hirte attack
What just happened?
Have a go hero – practise, practise, practise
AP-less WPA-Personal cracking
Time for action – AP-less WPA cracking
What just happened?
Have a go hero – AP-less WPA cracking
Pop quiz – attacking the client
Summary
7. Advanced WLAN Attacks
A man-in-the-middle attack
Time for action – man-in-the-middle attack
What just happened?
Have a go hero – man-in-the-middle over pure wireless
Wireless Eavesdropping using MITM
Time for action – Wireless Eavesdropping
What just happened?
Have a go hero – finding Google searches
Session hijacking over wireless
Time for action – session hijacking over wireless
What just happened?
Have a go hero – application hijacking challenge
Finding security configurations on the client
Time for action – deauthentication attacks on the client
What just happened?
Have a go hero – baiting clients
Pop quiz – advanced WLAN attacks
Summary
8. Attacking WPA-Enterprise and RADIUS
Setting up FreeRADIUS-WPE
Time for action – setting up the AP with FreeRADIUS-WPE
What just happened?
Have a go hero – playing with RADIUS
Attacking PEAP
Time for action – cracking PEAP
What just happened?
Have a go hero – attack variations on PEAP
EAP-TTLS
Security best practices for Enterprises
Pop quiz – attacking WPA-Enterprise and RADIUS
Summary
9. WLAN Penetration Testing Methodology
Wireless penetration testing
Planning
Discovery
Attack
Cracking the encryption
Attacking infrastructure
Compromising clients
Reporting
Summary
10. WPS and Probes
WPS attacks
Time for action – WPS attack
What just happened?
Have a go hero – rate limiting
Probe sniffing
Time for action – collecting data
What just happened?
Have a go hero – extension ideas
Summary
A. Pop Quiz Answers
Chapter 1, Wireless Lab Setup
Pop quiz – understanding the basics
Chapter 2, WLAN and its Inherent Insecurities
Pop quiz – understanding the basics
Chapter 3, Bypassing WLAN Authentication
Pop quiz – WLAN authentication
Chapter 4, WLAN Encryption Flaws
Pop quiz – WLAN encryption flaws
Chapter 5, Attacks on the WLAN Infrastructure
Pop quiz – attacks on the WLAN infrastructure
Chapter 6, Attacking the Client
Pop quiz – Attacking the Client
Chapter 7, Advanced WLAN Attacks
Pop quiz – advanced WLAN attacks
Chapter 8, Attacking WPA-Enterprise and RADIUS
Pop quiz – attacking WPA-Enterprise and RADIUS
Index
Kali Linux Wireless Penetration Testing Beginner's Guide
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2011
Second edition: March 2015
Production reference: 1230315
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78328-041-4
www.packtpub.com
Credits
Authors
Vivek Ramachandran
Cameron Buchanan
Reviewer
Marco Alamanni
Commissioning Editor
Erol Staveley
Acquisition Editor
Sam Wood
Content Development Editor
Shubhangi Dhamgaye
Technical Editor
Naveenkumar Jain
Copy Editor
Rashmi Sawant
Project Coordinator
Harshal Ved
Proofreaders
Simran Bhogal
Stephen Copestake
Indexer
Monica Ajmera Mehta
Production Coordinator
Komal Ramchandani
Cover Work
Komal Ramchandani
About the Authors
Vivek Ramachandran has been working on Wi-Fi Security since 2003. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema, publicly in 2007 at DEF CON. In 2011, he was the first to demonstrate how malware could use Wi-Fi to create backdoors, worms, and even botnets.
Earlier, he was one of the programmers of the 802.1x protocol and Port Security in Cisco's 6500 Catalyst series of switches and was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He is best known in the hacker community as the founder of SecurityTube.net, where he routinely posts videos on Wi-Fi Security, assembly language, exploitation techniques, and so on. SecurityTube.net receives over 100,000 unique visitors a month.
Vivek's work on wireless security has been quoted in BBC Online, InfoWorld, MacWorld, The Register, IT World Canada, and so on. This year, he will speak or train at a number of security conferences, including Blackhat, Defcon, Hacktivity, 44con, HITB-ML, BruCON, Derbycon, Hashdays, SecurityZone, SecurityByte, and so on.
I would like to thank my lovely wife for all her help and support during the book-writing process. I would also like to thank my parents, grandparents, and sister for believing in me and encouraging me for all these years, and last but not least, I would like to thank all the users of SecurityTube.net who have always been behind me and supporting all my work. You guys rock!
Cameron Buchanan is a penetration tester by trade and a writer in his spare time. He has performed penetration tests around the world for a variety of clients