I just finished a project in which I coded a man in the middle attack on an unsecure network. I've tried to see how feasible it would be to extend this a secured network. Some internet searching has left me a bit puzzled. I have a few questions:
What exactly do wireless encryptions hide? I assume it is everything after the destination and source MACs. Is this true?
If the password of a network is known, how trivial/difficult is the implementation of an ARP poisoning attack?
If the password of a network is known, how trivial/difficult is it to do anything malicious? It seems like the data would be encrypted using other unknown and constantly changing elements such as initialization vectors. If ARP poisoning is feasible, is there a confidentiality concern?
Thanks ahead of time guys.