Ethical Hacking - NETWORK PENETRATION TESTING(2)

ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of network penetration tools. Arpspoof can be used to launch a MITM attack and redirect traffic to flow through our device. 1. Tell the target client th

Deauthentication Attacks Theory This attack is used to disconnect any device from any network within our range even if the network is protected with a key. Hacker sends de-authentication packets to the router pretending to be the target matching(by s

Targeted packet sniffing airodump-ng --channel[channel] --bssid[bssid] --write[file-name][interface] Now all the data will be stored in the file name specified after the -write option. We can analyze this data using Wireshark. The only problem is tha

MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administartors to keep track of what is happening in their network and analyse all the packtes. Wireshark works by logging each packet that flows through the d

Change MAC Address using macchanger.  Packet Sniffing Basics Airodump-ng airodump-ng is a program part of the aircrack-ng package, it's a packet sniffer that allows us to capture all the packets that are in our wifi card range. We can also use it to

Creating a fake access point (honeypot) Fake access points can be handy in many scenarios, one example is creating an open AP, this will attract a lot of clients, many of which will automatically connect to it. Then we can sniff all the traffic creat

WEP Cracking Packet Injection What if the AP was idle, or had no clients associated with it? In this case, we have to inject packets into the traffic in order to force the router to create new packets with new IV's. Before we can start injecting pack

MITM - bypassing HTTPS Most websites use https in their login pages, this means that these pages are validated using an SSL certificate and there for will show a warning to the user that the certificate is invalid. SSLstrip is a tool that canbe used

Detecting ARP Posionning Attacks ARP main security issues: 1. Each ARP requests/response is trusted. 2. Clients can accept responses even if they did not send a request. We can use the tool called Xarp(http://www.xarp.net/) to detect this kind attack