Home » Blog » Hacking » Wireless Hacking

Wireless Hacking

posted in: Hacking 0

Wireless networks broadcast their packets the use of radio frequency or optical wavelengths. A current computer pc can pay attention in. Worse, an attacker can manufacture new packets at the fly and convince wi-fi stations to just accept his packets as valid. The little by little procedure in wi-fi hacking may be defined with assist of various subjects as follows:-

Stations and Access Points :-

A wi-fi community interface card (adapter) is a toolreferred to as a station, offering the community bodily layer over a radio hyperlink to any other station. An get entry to point (AP) is a station that gives body distribution service to stations related to it. The AP itself is generally related via way of means of twine to a LAN. Each AP has a zero to 32 byte lengthy Service Set Identifier (SSID) this is additionally generally referred to as community name. The SSID is used to phase the airwaves for usage.

Channels :-

The stations speak with every different the use of radio frequencies among 2.four GHz and 2.five GHz. Neighboring channels are simplest five MHz apart. Two wi-fi networks the use of neighboring channels might also additionally intrude with every different.

Wired Equivalent Privacy (WEP) :-

It is a shared-mystery key encryption machine used to encrypt packets transmitted among a station and an AP. The WEP set of rules is meant to defend wi-fi communique from eavesdropping. A secondary characteristic of WEP is to prevent unauthorized get entry to to a wi-fi community. WEP encrypts the payload of data packets. Management and manage frames are usually transmitted withinside the clean. WEP makes use of the RC4 encryption set of rules.

Wireless Network Sniffing :-

Sniffing is eavesdropping at the community. A (packet) sniffer is a program that intercepts and decodes community visitors broadcast thru a medium. It is less difficult to smell wi-fi networks than stressed out ones. Sniffing can additionally assist discover the clean kill as in scanning for open get entry to factors that allow all people to connect, or shooting the passwords utilized in a connection consultation that doesn’t even use WEP, or in telnet, rlogin and ftp connections.

Passive Scanning :-

Scanning is
the act of sniffing via way of means of tuning to numerous radio channels of the gadgets.
A passive community scanner instructs the wi-fi card to pay attention to every
channel for some messages. This does now no longer monitor the presence of the scanner.
An attacker can passively test with out transmitting at all.
6) Detection of SSID :- The attacker
can find out the SSID of a community generally via way of means of passive scanning due to the fact the
SSID happens withinside the following body types: Beacon, Probe Requests, Probe
Responses, Association Requests, and Reassociation Requests. Recall that
control frames are usually withinside the cleaneven if WEP is enabled.
When the above strategies fail, SSID discovery is finished via way of means of energetic scanning

7) Collecting the MAC Addresses :-
The attacker gathers valid MAC addresses to be used later in constructing
spoofed frames. The supply and vacation spot MAC addresses are usually withinside the
clean in all of the frames.
8) Collecting the Frames for Cracking WEP
:- The purpose of an attacker is to find out the WEP shared-mystery key.
The attacker sniffs a big range of frames An instance of a WEP cracking
device is AirSnort ( http://airsnort.Shmoo.Com ).
9) Detection of the Sniffers :- Detecting
the presence of a wi-fi sniffer, who stays radio-silent, thru community
safety features is truely impossible. Once the attacker starts offevolved probing
(i.E., via way of means of injecting packets), the presence and the coordinates of the wi-fi
tool may be detected.
10) Wireless Spoofing :- There are
famous assault strategies called spoofing in each stressed out and wi-fi
networks. The attacker constructs frames via way of means of filling decided on fields that
comprise addresses or identifiers with valid searching however non-existent
values, or with values that belong to others. The attacker could have collected
those valid values thru sniffing.
11) MAC Address Spoofing :- The attacker
normally wants to be hidden. But the probing interest injects frames
which might be observable via way of means of machine administrators. The attacker fills the Sender
MAC Address discipline of the injected frames with a spoofed fee in order that his
gadget isn’t identified.
12) IP spoofing :- Replacing the true
IP deal with of the sender (or, in uncommon cases, the vacation spot) with a different
deal with is called IP spoofing. This is a important operation in lots of assaults.
13) Frame Spoofing :- The attacker
will inject frames which might be legitimate however whose content material is cautiously spoofed.

14) Wireless Network Probing :- The attacker then sends artificially
built packets to a goal that cause beneficial responses. This interest
is called probing or energetic scanning.

15) AP Weaknesses :- APs have weaknesses which might be each because of design
errors and person interfaces
16) Trojan AP :- An attacker sets
up an AP in order that the centered station gets a more potent sign from it
than what it gets from a valid AP.
17) Denial of Service :- A denial
of service (DoS) happens whilst a machine isn’t offering offerings to authorized
customers due to useful resource exhaustion via way of means of unauthorized customers. In wi-fi
networks, DoS assaults are tough to prevent, tough to stop. An on-going
assault and the sufferer and its customers might not even discover the assaults. The
length of such DoS might also additionally variety from milliseconds to hours. A DoS assault
in opposition to an person station permits consultation hijacking.
18) Jamming the Air Waves :- A range
of patron home equipment along with microwave ovens, toddler monitors, and cordless
telephones perform at the unregulated 2.4GHz radio frequency. An attacker can
unharness big quantities of noise the use of those gadgets and jam the airwaves
in order that the sign to noise drops so low, that the wi-fi LAN ceases to
19) War Driving : Equipped with wi-fi
gadgets and associated tools, and using round in a car or parking at
exciting locations with a purpose of coming across clean-to-get-into wi-fi
networks is called conflict using. War-drivers (http://www.Wardrive.Net)
outline conflict using as “The benign act of finding and logging wi-fi
get entry to factors even as in motion.” This benign act is of path beneficial
to the attackers.
Regardless of the protocols, wi-fi networks will continue to be potentially
insecure due to the fact an attacker can pay attention in with out gaining bodily get entry to.