
I've been given a task of doing research for some tools/methods of accomplishing the following goals:

The engineers will scan the 802.11-based signal cloud around your network testing for ways that outsiders could eavesdrop on your wireless communications, break authentication or cryptographic protocols, or impersonate elements of your wireless infrastructure.

Please note, I am new to the field of IT security in terms of practicing and researching exploits, so it would be most helpful if you could point me in the right direction, i.e. links to good YouTube videos, recommended books/blogs for this particular tasking, and particular tools to use.

Thanks in advance

xpkiro
    Have a look here: https://github.com/enaqx/awesome-pentest#wireless-network-tools It's a great list of pentesting related resources, as well as links to books and educational resources. I've linked to the section that mentions a few wireless network analysis and cracking tools. The Aircrack-ng suite allows you to perform common wireless attack types. There are many videos available on how to use this suite of tools. – SecretSasquatch Aug 30 '17 at 22:31

1 Answer

For getting started, I recommend a fresh install of Kali Linux.

Wi-Fi NIC emulation can be a pain if you intend to install Kali on a VM (one solution would be to emulate your wireless NIC with a compatible Wi-Fi USB adapter).

So, dual boot (Kali now seems to be UEFI-compatible) or a dedicated computer would be the best.

This Linux distribution comes embedded with a large panel of well-documented security-related tools, including 30+ wireless programs.

As @SecretSasquatch mentioned in the comments, the Aircrack-ng suite would be a nice fit for getting started. I'm assuming you know how to read a .pcap file. If you don't, please practice with tcpdump or Wireshark before doing the following:

  • The simplest attack would be to crack a WEP key with vector (IVs) attacks

  • More difficult and quite luck-dependent: WPA cracking (I like to use both jack the ripper and Aircrack-ng when performing this.)

  • Bonus stage: EvilTwin attack

Studying and practicing those 3 attacks should cover a wireless security initiation.

EDIT: Maybe a bit more than an initiation actually.

Good luck.

Baptiste