Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kali Linux Wireless Penetration Testing Cookbook

You're reading from   Kali Linux Wireless Penetration Testing Cookbook Identify and assess vulnerabilities present in your wireless network, Wi-Fi, and Bluetooth enabled devices to improve your wireless security

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher
ISBN-13 9781783554089
Length 216 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Sean-Philip Oriyano Sean-Philip Oriyano
Author Profile Icon Sean-Philip Oriyano
Sean-Philip Oriyano
Arrow right icon
View More author details
Toc

Preparing for wireless pentesting

After we have installed Kali we need to do a few things to get ourselves ready to properly pentest within the wireless world. One of the first things we have to do is prepare our system is to get information on our wireless devices as well as acquire and adapters or antennas we made need to perform our testing properly.

Let's learn some basics about the wireless devices (or network adapters) connected to your system.

How to do it...

First, let's see how to identify a wireless adapter:

  1. One of the first pieces of information you should have in hand is the name and type of your network connection. This information will prove extremely helpful later on, when you are using the various utilities and scripts as well as ensuring that you have the proper and optimal adapters to get the best results from your test.
  2. So, let's cover how to locate and identify your current network adapters and which information is going to be useful later on during our penetration testing.

Using ifconfig to identify a network adapter.

Within Linux exists a command that can easily assist us in identifying our wireless connection and its state, this command is ifconfig. This command, accessible via the command line, reveals network connection information about each adapter present on the system and their associated names.

To run the command, simply type in the following at the Kali command line:

Ifconfig
  1. Press Enter
  2. The results you will retrieve from the command will look somewhat like the following:

As you can see in the preceding screenshot, we have a lot of information. So, let's break it down.

The first piece of information you should note is the name of the network connections which, in this case, are named eth0 and lo. You can have names such as eth1 or other labels in these places based on the network type. For our purposes, we should see an adapter labeled wlan0 or wlan1 or something starting with the wlan prefix indicating wireless. For the purposes of our analysis, we will use the eth0 adapter; the lo adapter is the loopback virtual adapter and is not of use for us here.

You should also notice in this line the word UP or DOWN, which will tell you if the adapter is online or offline.

The second piece of important information is the line starting with the label inet. This line gives us information about the current configured IPv4 address and associated netmask and other details. The line directly under it is giving the same sort of information, but for IPv6.

The next line gives us a piece of information labeled ether, which is the network adapter's Media Access Control (MAC) address, which is also known as the physical address of the adapter.

The balance of the lines gives detailed information about the network configuration and transfer of data. We will ignore these for right now.

You should always familiarize yourself with the contents of at least the first three lines for each adapter (for our purposes, just your wireless adapter will suffice). All of this information will come in handy later on when you are using the various tools and scripts to attack a wireless network:

  1. Selecting a network adapter.
  2. One of the next actions you will need to take is to select a wireless network adapter or items you need to perform your test. While you can use the adapters that are built into your notebook or other device, they do lack some capabilities in some cases.
  3. Some features that may not be present in internal adapters, but may be desirable to have are:
    • Ability to support an external antenna
    • Ability to perform packet injection (needed for some attacks)
    • Incompatible chipsets on some cards may not work with some specific utilities
    • Lack of support for new wireless standards
    • Lack of support for different frequencies

This is a short list of features which lack of support or capability for can limit your ability to accurately and completely perform your test.

It is with this in mind that I will show an example of an adapter that is fairly common and works quite well. The following image is an example of an adapter by TP-Link that supports many of the capabilities on the list noted here:

An external USB wireless adapter

As you can see from the preceding photograph the most notable feature of this adapter is its use of an external antenna, designed to provide better performance. You can even replace the antenna on this adapter to provide different amounts of coverage and performance.

So, how do you know which is the right adapter for you? In most cases, you can get away with the internal wireless network adapters, but not always. If you intend to perform advanced attacks on wireless networks, increase the range and power of your test.

There's more...

To add to the concept of the recipe, you can refer to the following section for more understanding.

Bluetooth adapters

If you will be testing using Bluetooth you will want to obtain an adapter to be able to perform this type of testing effectively. While it's true that most devices, such as notebooks, tablets, desktops and other computing platforms, include Bluetooth support these all tend to be short range (on average 10 meters or 30 feet) and do not support vital features, such as packet injection (which we will learn about later).

Some examples of a Bluetooth adapter that can be very useful in pentesting are the Sena UD100 and the Ubertooth One.

The first, the Sena UD100, is a USB Bluetooth adapter that supports both packet injection and an external (replaceable) antenna. By default, the adapter supports a range of up to 1000 feet (meaning it can pick up devices to that limit or further with an antenna upgrade).

UD100 Industrial Bluetooth Adapter

The other adapter known as the Ubertooth One is more of a development board than it is a standard adapter, but it can be used for our testing as well. Essentially, the adapter is not only a network card, but is an open source (both hardware and software) system that can be used to develop and implement your own features. The following is an image of the Ubertooth One.

The Ubertooth One

So, how do you decide whether you need a Bluetooth adapter? In most cases, if you are intending to scan long range, perform packet injections, or do anything beyond just detecting Bluetooth-enabled devices, you will probably need to acquire an adapter.

You have been reading a chapter from
Kali Linux Wireless Penetration Testing Cookbook
Published in: Dec 2017
Publisher:
ISBN-13: 9781783554089
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime