Ethical Hacking - NETWORK PENETRATION TESTING(9)

WEP Cracking Packet Injection

What if the AP was idle, or had no clients associated with it? In this case, we have to inject packets into the traffic in order to force the router to create new packets with new IV‘s.

Before we can start injecting packets into the traffic, we have to authenticate our wifi card with the AP, because AP‘s ignore any requests that come from devices that are not associated with the AP. This can be done easily using airmon-ng like so

aireplay-ng --fakeauth 0 -a[target  MAC] -h[your MAC] [interface]

If this fake authentication was successful the value under the "AUTH" column in airodump-ng will change to "OPN"

Packet injection - ARP request replay

In this method, after successfully associating with the target AP, we will wait for an ARP packet, we will then capture this packet and inject it into the traffic, this will force the AP to generate a new ARP packet with a new IV, we capture this new packet and inject into the traffic again, this process is repeated until the number of IV‘s captured is sufficient enough to crack the key.

aireplay-ng --arpreplay -b [target MAC] -h [your MAC] [interface]

原文地址:https://www.cnblogs.com/keepmoving1113/p/11863480.html

时间: 2024-10-14 18:55:27

Ethical Hacking - NETWORK PENETRATION TESTING(9)的相关文章

Ethical Hacking - NETWORK PENETRATION TESTING(15)

ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of network penetration tools. Arpspoof can be used to launch a MITM attack and redirect traffic to flow through our device. 1. Tell the target client th

Ethical Hacking - NETWORK PENETRATION TESTING(5)

Deauthentication Attacks Theory This attack is used to disconnect any device from any network within our range even if the network is protected with a key. Hacker sends de-authentication packets to the router pretending to be the target matching(by s

Ethical Hacking - NETWORK PENETRATION TESTING(4)

Targeted packet sniffing airodump-ng --channel[channel] --bssid[bssid] --write[file-name][interface] Now all the data will be stored in the file name specified after the -write option. We can analyze this data using Wireshark. The only problem is tha

Ethical Hacking - NETWORK PENETRATION TESTING(22)

MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administartors to keep track of what is happening in their network and analyse all the packtes. Wireshark works by logging each packet that flows through the d

Ethical Hacking - NETWORK PENETRATION TESTING(2)

 ALFA  AWUS 1900 https://www.alfa.com.tw/products_detail/2.htm Run the following shell command on Kali Linux and reboot. (Refer to https://forums.kali.org/showthread.php?36296-EXTREME-WIFI-SUPPORT-Alfa-Networks-AWUS1900-WORKING) apt-get install realt

Ethical Hacking - NETWORK PENETRATION TESTING(3)

Change MAC Address using macchanger.  Packet Sniffing Basics Airodump-ng airodump-ng is a program part of the aircrack-ng package, it's a packet sniffer that allows us to capture all the packets that are in our wifi card range. We can also use it to

Ethical Hacking - NETWORK PENETRATION TESTING(6)

Creating a fake access point (honeypot) Fake access points can be handy in many scenarios, one example is creating an open AP, this will attract a lot of clients, many of which will automatically connect to it. Then we can sniff all the traffic creat

Ethical Hacking - NETWORK PENETRATION TESTING(17)

MITM - bypassing HTTPS Most websites use https in their login pages, this means that these pages are validated using an SSL certificate and there for will show a warning to the user that the certificate is invalid. SSLstrip is a tool that canbe used

Ethical Hacking - NETWORK PENETRATION TESTING(23)

Detecting ARP Posionning Attacks ARP main security issues: 1. Each ARP requests/response is trusted. 2. Clients can accept responses even if they did not send a request. We can use the tool called Xarp(http://www.xarp.net/) to detect this kind attack