Download Hacking Wireless Networks and more Study notes Computer Science in PDF only on Docsity!
Hacking Wireless Networks
Objective
“Wireless network” refers to any type of computer network commonly associated with telecommunications, whose interconnections between nodes are implemented without the use of wires. Wireless telecommunications networks are generally implemented with some type of remote information transmission system that uses electromagnetic waves such as radio waves for the carrier. The implementation usually takes place at the physical level or layer of the network. The objective of this lab is to protect the wireless network from attackers. In this lab, you will learn how to: ● Analyze Wireless Network Traffic using Wireshark ● Crack WEP using aircrack-ng ● Crack WPA using aircrack-ng
Scenario
Wireless network technology is becoming increasingly popular, but at the same time, it has many security issues. A wireless local area network (WLAN) allows workers to access digital resources without being tethered to their desks. However, the convenience of WLANs also introduces security concerns that do not exist in a wired world. Connecting to a network no longer requires an Ethernet cable. Instead, data packets are airborne and available to anyone with the ability to intercept and decode them. Several reports have explained weaknesses in the Wired Equivalent Privacy (WEP) algorithm by 802.11x standard to encrypt wireless data. To be an expert ethical hacker and penetration tester , you must have sound knowledge of wireless concepts, wireless encryption, and their related threats. As a security administrator , you must protect your company’s wireless network from hacking.
Exercise: 1 WiFi Packet Analysis using Wireshark
A network monitoring system gives you a full overview of what’s going on in your network at all times. A network monitor has the ability to manage multiple servers and can also manage data from multiple devices such as switches, routers, firewalls, etc… Learning to monitor your network is a great way to know the stress on yout network infrastructure and to see what kind of demands it can handle form the users. By knowing about all the overview information it helps you to troubleshoot your network and a good amount of data to build your future growth plan for your networking infrastructure. Lab Scenario Wireless networks can be open to active or passive attacks. These attacks include DoS, MITM, spoofing, jamming, war driving, network hijacking, packet sniffing, and many more. Passive attacks that take place on wireless networks are common and are difficult to detect since the attacker usually just collects information. Active attacks happen when a hacker has gathered information about the network after a successful passive attack. Sniffing is the act of monitoring the network traffic using legitimate network analysis tools. Hackers can use monitoring tools, including AiroPeek, Ethereal, TCPDump, or Wireshark, to monitor the wireless networks. These tools allow hackers to find an unprotected network that they can hack. Your wireless network can be protected against this type of attack by using strong encryption and authentication methods. Because you are the ethical hacker and penetration tester of an organization, you need to check the wireless security and evaluate weaknesses present in your organization. Lab Objective The objective of this lab is to capture and analyze wireless packets in a network.
- By default, Windows Server 2016 machine is selected by clicking Ctrl+Alt+Delete. Alternatively navigate to the Commands ( Thunder icon) menu and click
click Type Password.
- To launch Wireshark, double-click the Wireshark shortcut icon on the Desktop.
WEPcrack-01.cap and click Open.
- The WEPcrack-01.cap file opens in the Wireshark window showing you the details of the packet for analysis. Here you can see the wireless packets captured which were otherwise masked to look like ethernet traffic. Here 802.11 protocol indicates wireless packets. You can access the saved packet capture file anytime, and by issuing packet filtering commands in the Filter field, you can narrow down the packet search in an attempt to find packets containing sensible information. In real time, attackers enforce packet capture and packet filtering techniques to capture packets containing passwords (only for websites implemented on HTTP channel), perform attacks such as session hijacking, and so on.
Similarly you can also analyze the WPAcrack-01.cap file for WPA packets.
- On completion of the lab, close all the windows. In this lab you have learnt how to analyze wireless packets in a network using Wireshark.
Type root in the Username field and click Next.
- Type toor in the Password field and click Sign In to login.
- Click Other Locations in the left pane. Type smb://10.10.10.16 in the Connect to Server field and click Connect.
- Password required for 10.10.10.16 pop-up appears, enter the login credentials of the Windows Server 2016 machine and click Connect.
- Double-click shared drive (here, E ) and then double-click CEHv10 Module 13 Hacking Web Servers folder. In this folder copy the Wordlists folder
Close the File Explorer window.
- Click the Terminal icon from the Favorites (left hand side of the Desktop ) to launch.
CEHLabs is just used for a demonstration purpose in iLabs. 11.On completion of the lab, close all the windows. Do not cancel the lab session. In this lab, you have learnt how to: ● Crack WEP using aircrack-ng
Exercise: 3 Cracking a WPA (Wi-Fi Protected Access)
with Aircrack-ng
WPA is a security protocol defined by 802.11i standards; it uses a Temporal Key Integrity Protocol (TKIP) that utilizes the RC4 stream cipher encryption with 128-bit keys and 64-bit MIC integrity check to provide stronger encryption, and authentication. WPA uses TKIP to eliminate the weaknesses of WEP by including per-packet mixing functions, message integrity checks, extended initialization vectors, and re-keying mechanisms. WPA2 is an upgrade to WPA, it includes mandatory support for Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), an AES-based encryption mode with strong security. Lab Scenario Network administrators can take steps to help protect their wireless network from outside threats and attacks. Most hackers will post details of any loops or exploits online, and if they find a security hole, attackers will descend in droves to test your wireless network with it. WEP is used for wireless networks; always change your SSID from the default, before you actually connect the wireless router for the access point. If an SSID broadcast is not disabled on an access point, the use of a DHCP server to automatically assign IP address to wireless clients should not be used, because war-driving tools can easily detect your internal IP addressing if the SSID broadcasts are enabled and the DHCP is being used. As an ethical hacker and penetration tester of an organization, your IT director will assign you the task of testing wireless security, exploiting the flaws in WEP, and cracking the keys present in your organization’s WEP. In this lab, we discuss how WPA keys are cracked using standard attacks such as KoreK and PTW. Lab Objectives The objective of this lab is to protect wireless networks from attackers. In this lab, you will learn how to: ● Crack WPA using aircrack-ng
- Click Kali Linux machine. If you see the Blue screen of Kali Linux press Space Bar to get the Login screen of the Kali Linux.
