Index
Mastering Kali Linux Wireless Pentesting
Table of Contents Mastering Kali Linux Wireless Pentesting Credits About the Authors About the Reviewer www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers What you need for this book Who this book is for Conventions Reader feedback Customer support
Downloading the example code Downloading the color images of this book Errata Piracy Questions
1. Wireless Penetration Testing Fundamentals
Wireless communication Wireless standards
The 2.4 GHz spectrum The 5 GHz spectrum
Choosing the right equipment
Supported wireless modes Wireless adapters
Ralink RT3070 Atheros AR9271 Ralink RT3572
Antennas
Omnidirectional antennas Patch antennas Yagi antennas
Kali Linux for the wireless pentester
Downloading Virtual Box Installing Virtual Box Kali Linux deployment Mapping the wireless adapter into Kali
Summary
2. Wireless Network Scanning
Wireless network discovery 802.11 network terminology
802.11 configuration modes 802.11 frames
Management frame Control frames Data frames
The scanning phase
Passive scanning Active scanning
Tools of the trade
Airodump-ng
Adding a location to Airodump-ng with GPS
Visually displaying relationships with Airgraph-ng Discovering Client Probes with Hoover WPS discovery with Wash Kismet Wireshark
Summary
3. Exploiting Wireless Devices
Attacking the firmware
Authentication bypass
CVE-2013-7282 CVE-2013-6026 CVE-2015-7755
Cross-Site Request Forgery
CVE-2014-5437 CVE-2014-8654 CVE-2013-2645
Remote code execution
CVE-2014-9134
Command injection
CVE-2008-1331
Denial of Service
OSVDB-102605 CVE-2009-3836
Information disclosure
CVE-2014-6621 CVE-2014-6622 CVE-2015-0554
Attacking the services
Attacking Telnet Attacking SSH Attacking SNMP
CVE-2014-4863: Arris Touchstone DG950A SNMP information disclosure
CVE-2008-7095: Aruba Mobility Controller SNMP community string disclosure
Attacking SNMP Attacking UPnP
Discovery Description Control UPnP attacks
CVE-2011-4500 CVE-2011-4499 CVE-2011-4501 CVE-2012-5960
Checks on misconfiguration Summary
4. Wireless Cracking
Overview of different wireless security protocols Cracking WPA
WPA Personal
Cracking WPA2
Generating rainbow tables
Generating rainbow tables using genpmk Generating rainbow tables using airolib-ng
Cracking WPS
Cracking 802.1x using hostapd
Summary
5. Man-in-the-Middle Attacks
MAC address Spoofing/ARP poisoning Rogue DHCP server Name resolution spoofing DNS spoofing Configuring Ettercap for DNS spoofing NBNS spoofing Summary
6. Man-in-the-Middle Attacks Using Evil Twin Access Points
Creating virtual access points with Hostapd Creating virtual access points with airbase-ng Session hijacking using Tamper Data
An example of session hijacking Performing session hijacking using Tamper Data
Credential harvesting
Using Ettercap to spoof DNS Hosting your fake web page
Web-based malware
Creating malicious payload using msfpayload Hosting the malicious payload on SET
SSL stripping attack
Setting up SSLstrip
Browser AutoPwn
Setting up Metasploit's Browser Autopwn attack
Summary
7. Advanced Wireless Sniffing
Capturing traffic with Wireshark
Decryption using Wireshark Decrypting and sniffing WEP-encrypted traffic Decrypting and sniffing WPA-encrypted traffic Analyzing wireless packet capture Determining network relationships and configuration Extracting the most visited sites
Extracting data from unencrypted protocols
Extracting HTTP objects
Merging packet capture files Summary
8. Denial of Service Attacks
An overview of DoS attacks Management and control frames Authentication flood attack
An attack scenario Scanning for access points MDK3 setup for authentication flood The attack summary
The fake beacon flood attack
MDK3 fake beacon flood with a random SSID MDK3 fake beacon flood with the selected SSID list The attack summary
Metasploit's fake beacon flood attack
Configuring packet injection support for Metasploit using lorcon Creating a monitor mode interface
The Metasploit deauthentication flood attack
Identifying the target access points Attacking the wireless client and AP using Metasploit The attack summary
The Metasploit CTS/RTS flood attack
The Metasploit setup for an RTS-CTS attack The attack summary
Summary
9. Wireless Pentesting from Non-Traditional Platforms
Using OpenWrt for wireless assessments
Installing the aircrack-ng suite on OpenWrt
Using Raspberry Pi for wireless assessments Accessing Kali Linux from a remote location Using AutoSSH for reverse shell Powering and concealing your Raspberry Pi or OpenWrt embedded device Running Kali on Android phones and tablets Wireless discovery using Android PCAP Summary
Index