Evil Twin Attack (A Step by Step Guide)

Rogue Access Point - Kali Linux

“A Fake WiFi access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator, whether added by a well-meaning employee or by a malicious attacker.” – Wikipedia

A fake WiFi access point is often called:

 

Using this method it is possible to retrieve the WPA/2 passphrase in clear-text within minutes.

Automated WiFi Cracking

Wifite is a Linux-based WiFi cracking tool (it comes pre-installed on Kali) written in Python. It automates the cracking process and aims to minimize user input by handling the scanning and attack steps through Python automation. Wifite is capable of cracking WEP, WPA/2 and WPS, but not on its own.

Post Exploiting The Network [ch6]


So far in the WiFi Security and Pentesting Series we have learned to:

  1. Crack WEP Using aircrack-ng suite of tools
  2. Crack the WPA/2 passphrase using Aircrack-NG
  3. Speed Up WPA/2 Cracking with Hashcat
  4. Automate WiFi Cracking

Now that we are inside a network, it is important to learn a few things we can do to start our penetration testing within the scope of that network.

Crack WPA2-PSK Using Pre generated PMKs [ch5pt1]


If you have been following the series from the very beginning, you will be familiar with the handshake we captured and used with a wordlist to crack the WPA2-PSK. The number of possible WPA2 passphrases is tremendous, as they can be alphanumeric, include special characters, and be 8-63 characters long.

Cracking WPA2-PSK with Aircrack-ng [ch3pt4]


This article is an excerpt from my WiFi Penetration testing and Security eBook in which I talk about hacking WiFi enabled devices with rogue access points, war driving, custom captive portals and splash page, multiple access points from a single NIC and much more.

WEP Cracking Using Aircrack-ng [ch3pt3]


WEP (Wired Equivalent Privacy) is the weakest, and now outdated, encryption mechanism used by routers (access points) to encrypt data packets passing through the router itself.

As we studied here, WEP uses 64-bit and 128-bit encryption as a standard, but security researchers discovered many flaws in WEP's encryption mechanism, such as static key generation and a fast re-keying method.