Mastering Kali Linux Wireless Pentesting
图书信息
| 作者 | Jilumudi Raghu Ram |
| 出版社 | Packt Publishing |
| ISBN | 9781785282850 |
| 出版时间 | 2016-02-25 |
| 字数 | 170.8万 |
| 分类 | 进口书,外文原版书,电脑,网络 |
读书简介
Test your wireless network’s security and master advanced wireless penetration techniques using Kali LinuxAbout This BookDevelop your skills using attacks such as wireless cracking, Man-in-the-Middle, and Denial of Service (DOS), as well as extracting sensitive information from wireless networksPerform advanced wireless assessment and penetration testsUse Embedded Platforms, Raspberry PI, and Android in wireless penetration testing with Kali LinuxWho This Book Is ForIf you are an intermediate-level wireless security consultant in Kali Linux and want to be the go-to person for Kali Linux wireless security in your organisation, then this is the book for you. Basic understanding of the core Kali Linux concepts is expected.What You Will LearnFingerprint wireless networks with the various tools available in Kali LinuxLearn various techniques to exploit wireless access points using CSRFCrack WPA/WPA2/WPS and crack wireless encryption using Rainbow tables more quicklyPerform man-in-the-middle attack on wireless clientsUnderstand client-side attacks, browser exploits, Java vulnerabilities, and social engineeringDevelop advanced sniffing and PCAP analysis skills to extract sensitive information such as DOC, XLS, and PDF documents from wireless networksUse Raspberry PI and OpenWrt to perform advanced wireless attacksPerform a DOS test using various techniques and toolsIn DetailKali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit.This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux.You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology.By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.Style and approachThis book uses a step-by-step approach using real-world attack scenarios to help you master the wireless penetration testing techniques.
目录
Mastering Kali Linux Wireless Pentesting
Table of Contents
Mastering Kali Linux Wireless Pentesting
Credits
About the Authors
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
1. Wireless Penetration Testing Fundamentals
Wireless communication
Wireless standards
The 2.4 GHz spectrum
The 5 GHz spectrum
Choosing the right equipment
Supported wireless modes
Wireless adapters
Ralink RT3070
Atheros AR9271
Ralink RT3572
Antennas
Omnidirectional antennas
Patch antennas
Yagi antennas
Kali Linux for the wireless pentester
Downloading Virtual Box
Installing Virtual Box
Kali Linux deployment
Mapping the wireless adapter into Kali
Summary
2. Wireless Network Scanning
Wireless network discovery
802.11 network terminology
802.11 configuration modes
802.11 frames
Management frame
Control frames
Data frames
The scanning phase
Passive scanning
Active scanning
Tools of the trade
Airodump-ng
Adding a location to Airodump-ng with GPS
Visually displaying relationships with Airgraph-ng
Discovering Client Probes with Hoover
WPS discovery with Wash
Kismet
Wireshark
Summary
3. Exploiting Wireless Devices
Attacking the firmware
Authentication bypass
CVE-2013-7282
CVE-2013-6026
CVE-2015-7755
Cross-Site Request Forgery
CVE-2014-5437
CVE-2014-8654
CVE-2013-2645
Remote code execution
CVE-2014-9134
Command injection
CVE-2008-1331
Denial of Service
OSVDB-102605
CVE-2009-3836
Information disclosure
CVE-2014-6621
CVE-2014-6622
CVE-2015-0554
Attacking the services
Attacking Telnet
Attacking SSH
Attacking SNMP
CVE-2014-4863: Arris Touchstone DG950A SNMP information disclosure
CVE-2008-7095: Aruba Mobility Controller SNMP community string dislosure
Attacking SNMP
Attacking UPnP
Discovery
Description
Control
UPnP attacks
CVE-2011-4500
CVE-2011-4499
CVE-2011-4501
CVE-2012-5960
Checks on misconfiguration
Summary
4. Wireless Cracking
Overview of different wireless security protocols
Cracking WPA
WPA Personal
Cracking WPA2
Generating rainbow tables
Generating rainbow tables using genpmk
Generating rainbow tables using airolib-ng
Cracking WPS
Cracking 802.1x using hostapd
Summary
5. Man-in-the-Middle Attacks
MAC address Spoofing/ARP poisoning
Rogue DHCP server
Name resolution spoofing
DNS spoofing
Configuring Ettercap for DNS spoofing
NBNS spoofing
Summary
6. Man-in-the-Middle Attacks Using Evil Twin Access Points
Creating virtual access points with Hostapd
Creating virtual access points with airbase-ng
Session hijacking using Tamper Data
An example of session hijacking
Performing session hijacking using Tamper Data
Credential harvesting
Using Ettercap to spoof DNS
Hosting your fake web page
Web-based malware
Creating malicious payload using msfpayload
Hosting the malicious payload on SET
SSL stripping attack
Setting up SSLstrip
Browser AutoPwn
Setting up Metasploit's Browser Autopwn attack
Summary
7. Advanced Wireless Sniffing
Capturing traffic with Wireshark
Decryption using Wireshark
Decrypting and sniffing WEP-encrypted traffic
Decrypting and sniffing WPA-encrypted traffic
Analyzing wireless packet capture
Determining network relationships and configuration
Extracting the most visited sites
Extracting data from unencrypted protocols
Extracting HTTP objects
Merging packet capture files
Summary
8. Denial of Service Attacks
An overview of DoS attacks
Management and control frames
Authentication flood attack
An attack scenario
Scanning for access points
MDK3 setup for authentication flood
The attack summary
The fake beacon flood attack
MDK3 fake beacon flood with a random SSID
MDK3 fake beacon flood with the selected SSID list
The attack summary
Metasploit's fake beacon flood attack
Configuring packet injection support for Metasploit using lorcon
Creating a monitor mode interface
The Metasploit deauthentication flood attack
Identifying the target access points
Attacking the wireless client and AP using Metasploit
The attack summary
The Metasploit CTS/RTS flood attack
The Metasploit setup for an RTS-CTS attack
The attack summary
Summary
9. Wireless Pentesting from Non-Traditional Platforms
Using OpenWrt for wireless assessments
Installing the aircrack-ng suite on OpenWrt
Using Raspberry Pi for wireless assessments
Accessing Kali Linux from a remote location
Using AutoSSH for reverse shell
Powering and concealing your Raspberry Pi or OpenWrt embedded device
Running Kali on Android phones and tablets
Wireless discovery using Android PCAP
Summary
Index
- 2019年全国导游人员资格考试辅导教材-全国导游基础知识(圣才电子书)
- 儿童英语启蒙——从绘本、游戏到分级读物(施乐遥)
- Castle Rackrent(Maria Edgeworth)
- 为爱赴死因爱而生(读书堂)
- Guía espa?ol-rumana para una comunicación eficaz(Dana Oprică)
- 第11集 趋势定位:如何从消费市场往创业市场和资本市场转型(此商品为视频课程)(周导)
- 戒子的诗(戒子)
