Kali Linux wireless penetration testing : beginner's guide : master wireless testing techniques to survey and attack wireless networks with Kali Linux, including the KRACK attack / Cameron Buchanan, Vivek Ramachandran.

Format:

Book

Author/Creator:

Buchanan, Cameron, author.

Ramachandran, Vivek, author.

Language:

English

Subjects (All):

Computer security.

Computers--Access control.

Computers.

Physical Description:

1 online resource (210 pages)

Edition:

Third edition.

Place of Publication:

Birmingham, England ; Mumbai, [India] : Packt Publishing, 2017.

Biography/History:

Buchanan Cameron: Cameron Buchanan is a penetration tester by trade and a writer in his spare time. He has performed penetration tests around the world for a variety of clients across many industries. Previously, Cameron was a member of the RAF. In his spare time, he enjoys doing stupid things, such as trying to make things fly, getting electrocuted, and dunking himself in freezing cold water. He is married and lives in London. Dieterle Daniel W. : Daniel W. Dieterle, with over 20 years in IT, has evolved from a system and network support role to a dedicated Computer Security Researcher and Author. His expertise, honed in diverse environments like corporate data centers and Ivy League schools, is reflected in his Kali Linux-based books, widely used globally for security training in universities, government, and private sectors. He has contributed to numerous technical books, articles, and security training classes, and is passionate about mentoring newcomers in the field. Ramachandran Vivek: Vivek Ramachandran has been working on Wi-Fi security since 2003. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema, publicly in 2007 at DEF CON. In 2011, he was the first to demonstrate how malware could use Wi-Fi to create backdoors, worms, and even botnets. Earlier, Vivek was one of the programmers of the 802. 1x protocol and Port Security in Cisco's 6500 Catalyst series of switches, and he was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65, 000 participants. He is best known in the hacker community as the founder of SecurityTube. net, where he routinely posts videos on Wi-Fi security, assembly language, exploitation techniques, and so on. SecurityTube. net receives over 100, 000 unique visitors a month. Vivek's work on wireless security has been quoted in BBC Online, InfoWorld, MacWorld, The Register, IT World Canada, and so on. This year, he will speak or train at a number of security conferences, including Blackhat, DEF CON, Hacktivity, 44con, HITB-ML, BruCON Derbycon, Hashdays, SecurityZone, and SecurityByte.

Summary:

Key FeaturesLearn wireless penetration testing with Kali LinuxDetect hidden wireless networks and discover their namesExplore advanced Wi-Fi hacking techniques including rogue access point hosting and probe sniffingDevelop your encryption cracking skills and gain an insight into the methods used by attackers and the underlying technologies that facilitate these attacksBook DescriptionAs wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. This has been highlighted again recently with the discovery of the KRACK attack which enables attackers to potentially break into Wi-Fi networks encrypted with WPA2. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes. Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. You'll learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.What you will learnUnderstand the KRACK attack in full detailCreate a wireless lab for your experimentsSniff out wireless packets, hidden networks, and SSIDsCapture and crack WPA-2 keysSniff probe requests and track users through their SSID historyAttack radius authentication systemsSniff wireless traffic and collect interesting dataDecrypt encrypted traffic with stolen keysWho this book is forKali Linux Wireless Penetration Testing Beginner's Guide, Third Edition is suitable for anyone who wants to learn more about pentesting and how to understand and defend against the latest wireless network attacks.

Contents:

Cover

Copyright

Credits

Disclaimer

About the Authors

About the Reviewer

www.PacktPub.com

Customer Feedback

Table of Contents

Preface

Chapter 1: Wireless Lab Setup

Hardware requirements

Software requirements

Installing Kali

Time for action - installing Kali

Setting up the access point

Time for action - configuring the access point

Setting up the wireless card

Time for action - configuring your wireless card

Connecting to the access point

Summary

Chapter 2: WLAN and Its Inherent Insecurities

Revisiting WLAN frames

Time for action - creating a monitor mode interface

Time for action - sniffing wireless packets

Time for action - viewing management, control, and data frames

Time for action - sniffing data packets for our network

Time for action - packet injection

Important note on WLAN sniffing and injection

Time for action - experimenting with your adapter

Chapter 3: Bypassing WLAN Authentication

Hidden SSIDs

Time for action - uncovering hidden SSIDs

MAC filters

Time for action - beating MAC filters

Open Authentication

Time for action - bypassing Open Authentication

Shared Key Authentication

Time for action - bypassing shared authentication

Chapter 4: WLAN Encryption Flaws

WLAN encryption

WEP encryption

Time for action - cracking WEP

WPA/WPA2

Time for action - cracking WPA-PSK weak passphrase

Speeding up WPA/WPA2 PSK cracking

Time for action - speeding up the cracking process

Decrypting WEP and WPA packets

Time for action - decrypting WEP and WPA packets

Connecting to WEP and WPA networks

Time for action - connecting to a WEP network

Time for action - connecting to a WPA network

Summary.

Chapter 5: Attacks on the WLAN Infrastructure

Default accounts and credentials on the access point

Time for action - cracking default accounts on the access points

Denial of service attacks

Time for action - deauthentication DoS attack

Evil twin and access point MAC spoofing

Time for action - evil twin with MAC spoofing

A rogue access point

Time for action - Setting up a rogue access point

Chapter 6: Attacking the Client

Honeypot and Misassociation attacks

Time for action - orchestrating a Misassociation attack

The Caffe Latte attack

Time for action - conducting the Caffe Latte attack

Deauthentication and disassociation attacks

Time for action - deauthenticating the client

The Hirte attack

Time for action - cracking WEP with the Hirte attack

AP-less WPA-Personal cracking

Time for action - AP-less WPA cracking

Chapter 7: Advanced WLAN Attacks

A Man-in-the-Middle attack

Time for action - Man-in-the-Middle attack

Wireless eavesdropping using MITM

Time for action - wireless eavesdropping

Session hijacking over wireless

Time for action - session hijacking over wireless

Finding security configurations on the client

Time for action - deauthentication attack on the client

Chapter 8: KRACK Attacks

KRACK attack overview

The four-way handshake KRACK attack

Time for action - getting KRACKing

Chapter 9: Attacking WPA-Enterprise and RADIUS

Setting up FreeRADIUS-WPE

Time for action - setting up the AP with FreeRADIUS-WPE

Attacking PEAP

Time for action - cracking PEAP

EAP-TTLS

Security best practices for enterprises

Chapter 10: WLAN Penetration Testing Methodology

Wireless penetration testing

Planning

Discovery

Attack

Cracking the encryption

Attacking infrastructure.

Compromising clients

Reporting

Chapter 11: WPS and Probes

WPS attacks

Time for action - WPS attack

Probe sniffing

Time for action - collecting data

Appendix: Pop Quiz Answers

Chapter 1, Wireless Lab Setup

Chapter 2, WLAN and its Inherent Insecurities

Chapter 3, Bypassing WLAN Authentication

Chapter 4, WLAN Encryption Flaws

Chapter 5, Attacks on the WLAN Infrastructure

Chapter 6, Attacking the Client

Chapter 7, Advanced WLAN Attacks

Chapter 8, Attacking WPA-Enterprise and RADIUS

Index.

Notes:

Includes index.

"Fully revised and updated to cover KRACK."--Cover.

Description based on print version record.

OCLC:

1021887824