Minashi / tmp


WIFI-Pentesting

General Assumptions:

iw dev wlan0 scan | grep SSID ## lists the wireless networks within range of the wireless card (wlan0)

airmon-ng start wlan0 ## puts the wireless card (wlan0) into monitor mode (creates the wlan0mon interface)

airodump-ng wlan0mon ## lists surrounding networks and their clients by passively capturing in monitor mode

iwconfig wlan0mon channel 3 ## sets the channel the wireless card listens on (here: channel 3)

iwlist wlan0mon channel ## shows the available channels and the channel/frequency the wireless card is currently on

airodump-ng -c 3 --bssid <AP_MAC> -w <capture_file> wlan0mon ## captures the traffic of the target AP on channel 3 and writes it to <capture_file>

Attack Map

Is the target network WEP or WPA/WPA2?

WEP;

  AUTH: is the AP using OPN (open) or SKA (shared key) authentication?

  AUTH: OPN;

    Is any client connected to the AP? YES or NO?

    > YES;

      # ARP Request Replay Attack
      # Interactive Packet Replay Attack
      # Deauthentication Attack (can be used in both cases, YES or NO)

    > NO;

      # Fake Authentication Attack (can be used in both cases, YES or NO)
      # Fragmentation Attack
      # Korek ChopChop Attack

  AUTH: SKA (Bypassing WEP Shared Key Authentication);

    ## Requires a client connected to the AP. Follow the steps below in order;

      # Deauthentication Attack
      # Fake Shared Key Authentication Attack
      # ARP Request Replay Attack
      # Deauthentication Attack
      # Aircrack-ng

WPA/WPA2;

  Attack;

    # Deauthentication Attack

  Cracking the network key;

    # with Aircrack-ng
    # with JTR (John the Ripper) and Aircrack-ng
    # with coWPAtty
    # with Pyrit
