Index
A
- access point
- setting up / Setting up the access point
- configuring / Time for action – configuring the access point, What just happened?
- configuration, for using WEP and WPA / Have a go hero – configuring the access point to use WEP and WPA
- connecting / Connecting to the access point
- wireless card, connecting to / Time for action – configuring your wireless card, What just happened?
- default account / Default accounts and credentials on the access point
- credentials / Default accounts and credentials on the access point
- access point MAC spoofing / Evil twin and access point MAC spoofing
- Acknowledgement (ACK) / Revisiting WLAN frames
- AP-less WPA-Personal
- cracking / AP-less WPA-Personal cracking, Time for action – AP-less WPA cracking, What just happened?
- application session
- hijacking, over wireless / Session hijacking over wireless, Time for action – session hijacking over wireless
- hijacking, wireless MITM / What just happened?
- hijacking, challenges / Have a go hero – application hijacking challenge
- Authenticator Nonce (ANonce), Supplicant Nonce (SNonce) / WPA/WPA2
- Authenticator Nonce (ANonce) / AP-less WPA-Personal cracking
C
- Caffe Latte attack
- about / The Caffe Latte attack
- conducting / Time for action – conducting the Caffe Latte attack, Have a go hero – practise makes you perfect!
- Clear to Send (CTS) / Revisiting WLAN frames
- client
- deauthenticating / Time for action – deauthenticating the client, What just happened?
- attack, dissociating / Have a go hero – dissociation attack on the client
- security configurations, finding / Finding security configurations on the client
- deauthentication attack / Time for action – deauthentication attack on the client
- baiting / Have a go hero – baiting clients
- control frames
- viewing / Time for action – viewing management, control, and data frames
- Cowpatty
- about / Have a go hero – trying WPA-PSK cracking with Cowpatty
- WPA-PSK cracking / Have a go hero – trying WPA-PSK cracking with Cowpatty
D
- data frames
- viewing / Time for action – viewing management, control, and data frames
- data packets
- sniffing, for network / Time for action – sniffing data packets for our network, What just happened?
- analyzing / Have a go hero – analyzing data packets
- injection / Time for action – packet injection
- deauthentication attacks / Deauthentication and disassociation attacks
- default accounts
- cracking, on access point / Default accounts and credentials on the access point, Time for action – cracking default accounts on the access points, What just happened?
- cracking, with brute-force attacks / Have a go hero – cracking accounts using brute-force attacks
- Denial of Service (DoS) attack / Have a go hero – filling up the access point's tables
- Denial of Service (DoS) attacks
- about / Denial of service attacks
- deauthentication DoS attack / Time for action – deauthentication DoS attack, What just happened?
- disassociation attacks, conducting / Have a go hero – disassociation attacks
- disassociation attacks / Deauthentication and disassociation attacks
- DNS
- hijacking, over wireless / Session hijacking over wireless, Time for action – session hijacking over wireless
E
- EAP-TTLS / EAP-TTLS
- enterprises
- security best practices / Security best practices for enterprises
- Ettercap
- about / Have a go hero – application hijacking challenge
- evil twin
- disassociation attacks, conducting / Evil twin and access point MAC spoofing
- with access point MAC spoofing / Time for action – evil twin with MAC spoofing
- and channel hopping / Have a go hero – evil twin and channel hopping
F
- filters
- working with / Have a go hero – playing with filters
- four-way handshake KRACK attack
- about / The four-way handshake KRACK attack
- exploring / Time for action – getting KRACKing
- FreeRADIUS-WPE
- setting up / Setting up FreeRADIUS-WPE
- used, for setting up AP / Time for action – setting up the AP with FreeRADIUS-WPE
- FreeRADIUS-WPE (Wireless Pwnage Edition) / Setting up FreeRADIUS-WPE
G
- Group Temporal Key (GTK) / KRACK attack overview
H
- hardware requirements, wireless lab
- two laptops with internal Wi-Fi cards / Hardware requirements
- one wireless adapter (optional) / Hardware requirements
- one access point / Hardware requirements
- internet connection / Hardware requirements
- hidden SSIDs
- about / Hidden SSIDs
- uncovering / Time for action – uncovering hidden SSIDs, What just happened?
- deauthentication, selecting / Have a go hero – selecting deauthentication
- Hirte attack
- about / The Hirte attack
- reference / The Hirte attack
- WEP, cracking / Time for action – cracking WEP with the Hirte attack, What just happened?
- Honeypot attacks
- about / Honeypot and Misassociation attacks
- client, forcing to connect / Have a go hero – forcing a client to connect to the Honeypot
- Honeypots
- creating, with SSID / What just happened?
- Hydra / Have a go hero – cracking accounts using brute-force attacks
I
- injection / Important note on WLAN sniffing and injection
- Internet Control Message Protocol (ICMP) / Time for action – configuring your wireless card
K
- Kali
- URL / Software requirements
- installing / Installing Kali, Time for action – installing Kali
- installing, on VirtualBox / Have a go hero – installing Kali on VirtualBox, Have a go hero – installing Kali on VirtualBox
- Key Reinstallation AttaCKs (KRACK)
- overview / KRACK attack overview
M
- MAC filters
- about / MAC filters
- using / Time for action – beating MAC filters, What just happened?
- Maltego
- about / Have a go hero – extension ideas
- Man-in-the-Middle (MITM) / The four-way handshake KRACK attack
- Man-in-the-Middle (MITM) attack
- about / A Man-in-the-Middle attack
- working / Time for action – Man-in-the-Middle attack
- wireless setup, creating / What just happened?
- wireless interface, bridging / Have a go hero – MITM over pure wireless
- used, for wireless eavesdropping / Wireless eavesdropping using MITM
- creating, for wireless eavesdropping / What just happened?
- management frames
- viewing / Time for action – viewing management, control, and data frames, What just happened?
- management summary
- about / Reporting
- Message Integrity Check (MIC) / WPA/WPA2
- Misassociation attacks
- about / Honeypot and Misassociation attacks
- orchestrating / Time for action – orchestrating a Misassociation attack
- monitor mode interface
- creating / Time for action – creating a monitor mode interface, Have a go hero – creating multiple monitor mode interfaces
N
- Non-Disclosure Agreement (NDA)
- about / Planning
O
- Open Authentication
- about / Open Authentication
- bypassing / Time for action – bypassing Open Authentication
P
- Pairwise Transient Key (PTK) / WPA/WPA2
- attributes / KRACK attack overview
- Password-Based Key Derivation Function (PBKDF2) / WPA/WPA2
- phases, wireless penetration test
- about / Wireless penetration testing
- planning phase / Planning
- discovery phase / Discovery
- attack phase / Attack
- encryption, cracking / Cracking the encryption
- infrastructure, attacking / Attacking infrastructure
- clients, compromising / Compromising clients
- reporting phase / Reporting
- Pre-Shared Key (PSK) / WPA/WPA2
- Preferred Network List (PNL) / Honeypot and Misassociation attacks
- Probe sniffing
- about / Probe sniffing
- data, collecting / Time for action – collecting data
- Python script / Time for action – collecting data
- Python, using / What just happened?
- data visualization tools / Have a go hero – extension ideas
- data analytics tools / Have a go hero – extension ideas
- Proof of Concept (PoC) / The four-way handshake KRACK attack
- Protected Extensible Authentication Protocol (PEAP)
- attacking / Attacking PEAP
- cracking / Time for action – cracking PEAP
- attack variations / Have a go hero – attack variations on PEAP
R
- Radio Frequency (RF) / What just happened?
- RADIUS
- exploring / Have a go hero – playing with RADIUS
- Request to Send (RTS) / Revisiting WLAN frames
- rogue access point
- about / A rogue access point
- creating / A rogue access point, Time for action – Setting up a rogue access point
- challenge / Have a go hero – rogue access point challenge
S
- security best practices
- for enterprises / Security best practices for enterprises
- security configurations
- finding, on client / Finding security configurations on the client
- Shared Key Authentication (SKA)
- about / Shared Key Authentication
- bypassing / Time for action – bypassing shared authentication
- access point’s tables, filling up / Have a go hero – filling up the access point's tables
- software requirements, wireless lab
- Kali / Software requirements
- Windows XP/Vista/7/10 / Software requirements
- Supplicant Nonce (SNonce) / AP-less WPA-Personal cracking
T
- technical summary
- about / Reporting
- Temporal Key Integrity Protocol (TKIP) / WPA/WPA2
V
- VirtualBox
- reference / Have a go hero – installing Kali on VirtualBox
W
- WEP
- cracking / Time for action – cracking WEP
- decrypting / Decrypting WEP and WPA packets, Time for action – decrypting WEP and WPA packets, What just happened?
- connecting / Connecting to WEP and WPA networks, Time for action – connecting to a WPA network
- WEP configuration
- connection, establishing / Have a go hero – establishing a connection in a WEP configuration
- WEP cracking
- fake authentication / Have a go hero – fake authentication with WEP cracking
- WEP encryption
- about / WEP encryption
- Wi-Fi Protected Access (WPA) / WLAN encryption
- Wi-Fi Protected Access v2 (WPA2) / WLAN encryption
- WiFishing
- about / What just happened?
- Wired Equivalent Privacy (WEP) / WLAN encryption
- Wired Equivalent Protocol (WEP) / Shared Key Authentication
- wireless card
- setting up / Setting up the wireless card
- configuring / Time for action – configuring your wireless card
- wireless eavesdropping
- with MITM / Wireless eavesdropping using MITM
- working / Time for action – wireless eavesdropping
- wireless lab
- hardware requirements / Hardware requirements
- software requirements / Software requirements
- wireless packets
- sniffing / Time for action – sniffing wireless packets
- different devices, finding / Have a go hero – finding different devices
- wireless penetration test
- performing / Wireless penetration testing
- Wireless Protected Setup (WPS)
- about / WPS attacks
- WLAN encryption / WLAN encryption
- WLAN frames
- revisiting / Revisiting WLAN frames
- management frames / Revisiting WLAN frames
- control frames / Revisiting WLAN frames
- data frames / Revisiting WLAN frames
- monitor mode interface, creating / Time for action – creating a monitor mode interface
- wireless packets, sniffing / Time for action – sniffing wireless packets
- WLAN sniffing
- installing, on VirtualBox / Important note on WLAN sniffing and injection
- adapter, exploring / Time for action – experimenting with your adapter, What just happened?
- multiple channels, sniffing / Have a go hero – sniffing multiple channels
- WPA
- about / WPA/WPA2
- WPA-PSK weak passphrase
- cracking / Time for action – cracking WPA-PSK weak passphrase
- WPA/WPA2 PSK cracking
- Cowpatty tool, using / Have a go hero – trying WPA-PSK cracking with Cowpatty
- speeding up / Speeding up WPA/WPA2 PSK cracking, Time for action – speeding up the cracking process, What just happened?
- WPA networks
- connecting / Connecting to WEP and WPA networks, Time for action – connecting to a WPA network
- WPA packets
- decrypting / Decrypting WEP and WPA packets, Time for action – decrypting WEP and WPA packets, What just happened?
- WPS attack
- about / WPS attacks, Time for action – WPS attack
- vulnerabilities / What just happened?
- rate limiting / Have a go hero – rate limiting
- WPS attacks
- vulnerabilities / WPS attacks