BackTrack 5 Wireless Penetration Testing Beginner's Guide
Format: PDF / Kindle (mobi) / ePub
Written in Packt's Beginner's Guide format, you can easily grasp the concepts and understand the techniques to perform wireless attacks in your lab. Every new attack is described in the form of a lab exercise with rich illustrations of all the associated steps. You will practically implement various attacks as you go along. If you are an IT security professional or a security consultant who wants to get started with wireless testing with BackTrack, or are just plain inquisitive about wireless security and hacking, then this book is for you. The book assumes that you have familiarity with BackTrack and basic wireless concepts.
new access point:
5. Now we send a De-Authentication frame to the client, so it disconnects and immediately tries to re-connect:
6. As we are closer to this client, our signal strength is higher and it connects to our Evil Twin access point as shown in the following screens:
7. We can also spoof the BSSID and MAC address of the access point using the following command:
8. Now if we see through airodump-ng it is almost
Honeypot access point would typically use:
a. No Encryption, Open Authentication
b. No Encryption, Shared Authentication
c. WEP Encryption, Open Authentication
d. None of the above
3. Which one of the following are DoS Attacks?
a. Mis-Association attack
b. De-Authentication attacks
c. Dis-Association attacks
d. Both (b) and (c)
4. A Caffe Latte attack requires
a. That the wireless client be in radio range of the access point
b. That the client contains a cached and stored WEP key
c.
for a User name / Password. We use SecurityTube as the User name and abcdefghi as the Password:
7. As soon as we do this, we are able to see the MSCHAP-v2 challenge response appear in the log file:
8. We now use Asleap to crack this using a password list file that contains the password abcdefghi and we are able to crack the password!
What just happened?
We set up our Honeypot using FreeRadius-WPE. The enterprise client is
using your card as shown in the following screenshot:
2. Use airodump-ng to start scanning the airspace. Ensure that channel hopping happens across both the 802.11 b and g bands:
3. Move around the premises to get as many clients and access points as possible:
4. Request from the system administrator of the company a list of MAC addresses for all access points and wireless clients. This will help us in the next phase:
entire book. You can purchase it from Amazon.com where it is retailing at around $35 at the time of writing.
An Internet connection: This will come in handy to perform research, download software, and for some of our experiments.
Software requirements
We will need the following software to set up the wireless lab:
BackTrack 5: BackTrack can be downloaded from their official website located at http://www.backtrack-linux.org. The software is open source and you should be able to download