Summary
The wireless security protocols used to encrypt wireless traffic are each subject to different types of attack. WEP (Wired Equivalent Privacy) is severely broken and should not be used on any wireless network; it is uncommon to encounter WEP in current wireless pentests. WPA (Wi-Fi Protected Access) was introduced as a replacement, and both WPA variants, Personal and Enterprise, are the most common encryption and authentication techniques you will encounter in assessments. For WPA and WPA2 PSK, it has been demonstrated how a dictionary attack is possible using tools like aircrack-ng, available on Kali Linux. WPA and WPA2 Enterprise can potentially be circumvented by creating a parallel network and having a legitimate client attempt to authenticate through your setup rather than the production one.
The dictionary attack used against PSKs can be very time consuming, and generating and using rainbow tables can accelerate the recovery of the encryption keys. Attacks against WPS...
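Why each PSK guess is slow, and why precomputed tables only help against the SSID they were built for, shown as an added example that is not part of the original text. It relies on the IEEE 802.11i key derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations); the SSID list, wordlist and function names are constructed for this illustration.

```python
import hashlib
import time

# Constructed sample data (assumptions for this example, not from the page).
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
WORDLIST = {"password", "12345678", "letmein123", "qwertyuiop"}

def wpa_pmk(passphrase, ssid):
    """256-bit pairwise master key for WPA/WPA2-PSK:
    PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def derivations_per_second(samples=10):
    """Measure how many PMKs this machine's CPU derives per second."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"benchmark{i:04d}", "bench-ssid")
    return samples / (time.perf_counter() - start)

def seconds_to_exhaust(candidates, rate):
    """Worst-case time to derive a PMK for every candidate passphrase."""
    return candidates / rate

def audit_psk(passphrase, ssid):
    """Flag the two conditions that make a PSK cheap to recover."""
    findings = []
    if passphrase in WORDLIST:
        findings.append("passphrase appears in a wordlist")
    if ssid in COMMON_SSIDS:
        findings.append("SSID is a common default; precomputed tables may cover it")
    return findings

if __name__ == "__main__":
    rate = derivations_per_second()
    print(f"{rate:.0f} PMK derivations/s on this CPU")
    # Eight lowercase letters give 26**8 candidates.
    print(f"26^8 keyspace: {seconds_to_exhaust(26**8, rate) / 86400:.0f} days")
    # Same passphrase, different SSID: the PMKs differ, so work precomputed
    # for one SSID cannot be reused against another.
    print(wpa_pmk("password", "IEEE").hex())
    print(wpa_pmk("password", "HomeNet-7f3a").hex())
    print(audit_psk("password", "linksys"))
    print(audit_psk("correct-horse-battery-staple", "HomeNet-7f3a"))
```

The measured rate is for a single CPU thread; dedicated hardware is far faster, so treat the estimate as an upper bound on how long a passphrase survives.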