{"id":77212,"date":"2020-01-22T10:53:33","date_gmt":"2020-01-22T05:23:33","guid":{"rendered":"https:\/\/www.vskills.in\/certification\/tutorial\/?p=77212"},"modified":"2024-04-12T14:24:12","modified_gmt":"2024-04-12T08:54:12","slug":"wlan-hacking","status":"publish","type":"page","link":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/","title":{"rendered":"WLAN Hacking"},"content":{"rendered":"\n<p><a href=\"https:\/\/www.vskills.in\/certification\/tutorial\/cyber-security-certification\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/p>\n\n\n<p>WLANs faces threats similar to LANs and new security threats also which includes<\/p>\n<ul>\n<li>War&nbsp;drivers \u2013 Person drives&nbsp;around,&nbsp;trying to find APs&nbsp;that have no&nbsp;or weak security.<\/li>\n<li>Hackers&nbsp;\u2013 They&nbsp;find information or deny&nbsp;services and the wireless&nbsp;network&nbsp;makes easy access.<\/li>\n<li>Defaults \u2013 An&nbsp;new AP&nbsp;is being used with its defaults thus, easy to hack.<\/li>\n<\/ul>\n<p>Tools&nbsp;used to increase security are<\/p>\n<ul>\n<li>Authentication \u2013 Authentication with mutual secret password.<\/li>\n<li>Encryption&nbsp;\u2013&nbsp;Using encryption&nbsp;to scramble the contents of transmitted data.<\/li>\n<li>Intrusion Tools&nbsp;\u2013 They detect and identify rogue APs and include IDS and IPS<\/li>\n<\/ul>\n<p>The initial security standard for WLANs was called Wired Equivalent Privacy (WEP) but had various problems like<\/p>\n<ul>\n<li>Static&nbsp;Pre-shared&nbsp;keys (PSK)&nbsp;\u2013 Keys used were manually configured&nbsp;and were static.<\/li>\n<li>Low key values \u2013 Keys were usually 64 bit and were easier to predict from frames.<\/li>\n<\/ul>\n<p>But, SSID cloaking and MAC filtering helped in adding security. SSID cloaking involves steps as<\/p>\n<ul>\n<li>The AP&nbsp;sends&nbsp;a periodic&nbsp;Beacon frame (default&nbsp;is every&nbsp;100 ms)&nbsp;that lists the AP\u2019s SSID and other&nbsp;configuration information.<\/li>\n<li>The client&nbsp;listens for&nbsp;Beacons&nbsp;on&nbsp;all channels, learning about all APs&nbsp;in range.<\/li>\n<li>The client&nbsp;associates&nbsp;with the AP&nbsp;with the strongest signal&nbsp;(the default),&nbsp;or with the AP&nbsp;with the strongest signal&nbsp;for&nbsp;the currently preferred SSID.<\/li>\n<li>The authentication process&nbsp;occurs as soon as the client&nbsp;has&nbsp;associated&nbsp;with the AP.<\/li>\n<\/ul>\n<p>The client learn about AP and its SSIDs via the beacon which helps in roaming and associate with new AP as needed. AP are configured with list of allowed WLAN MAC addresses and to filter rest but, it is circumvented by changing the MAC address as that of legitimate MAC address. Improved security standard called WPA and later WPA2 (also called IEEE 802.11i ) were also introduced which dynamic&nbsp;key&nbsp;exchange,&nbsp;preshared&nbsp;keys (PSK), and AES&nbsp;encryption. All security standards are compared as<\/p>\n<table width=\"533\">\n<thead>\n<tr>\n<td width=\"164\"><strong>Feature<\/strong><\/td>\n<td width=\"79\"><strong>WEP<\/strong><\/td>\n<td width=\"145\"><strong>WPA<\/strong><\/td>\n<td width=\"145\"><strong>WPA2<\/strong><\/td>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td width=\"164\">Key Distribution<\/td>\n<td width=\"79\">Static<\/td>\n<td width=\"145\">Static and Dynamic<\/td>\n<td width=\"145\">Static and Dynamic<\/td>\n<\/tr>\n<tr>\n<td width=\"164\">Device Authentication<\/td>\n<td width=\"79\">Weak<\/td>\n<td width=\"145\">Strong<\/td>\n<td width=\"145\">Strong<\/td>\n<\/tr>\n<tr>\n<td width=\"164\">User Authentication<\/td>\n<td width=\"79\">No<\/td>\n<td width=\"145\">802.1x<\/td>\n<td width=\"145\">802.1x<\/td>\n<\/tr>\n<tr>\n<td width=\"164\">Encryption<\/td>\n<td width=\"79\">Weak<\/td>\n<td width=\"145\">TKIP<\/td>\n<td width=\"145\">AES<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>WLAN Attacks<\/strong><\/p>\n<p>The most common types of attack are as follows.<\/p>\n<ul>\n<li>Probing and discovery tools &#8211; A host of tools have emerged that take advantage of the fact that 802.11 infrastructures rely on network broadcasts to communicate with wireless clients. With these probing and discovery tools, unscrupulous individuals can easily locate, and take advantage of, wireless networks that lack strong security safeguards. One of the most common of these tools is Netstumbler, a Windows-based program that uses active scanning to detect low security access points. Once the access point is detected a number of exploits can be mounted against the network.<\/li>\n<li>MAC identity spoof attacks &#8211; In an 802.11 WLAN, MAC addresses are openly broadcasted over the air. The security implication is that potential attackers can sniff the air looking for valid MAC addresses associated with authorized WLAN users, access points and even wired infrastructure components, such as switches and routers. Once detected, programs exist to spoof these addresses, whereby intruders can masquerade as a valid WLAN client or access point. Naturally, this can compromise a WLAN if MAC authentication is the only security scheme employed.<\/li>\n<li>Denial of service attacks &#8211; Because WLANs broadcast over the unlicensed ISM &amp; U-NII public bands with a limited number of available channels, RF interference is a common problem. As interference increases, signal quality and network availability decreases. Malicious individuals can use this to their advantage, debilitating WLAN performance. Common ways of doing this include RF frequency jamming and exploits such as Airjack and void11, which flood the WLAN.<\/li>\n<li>Man in the middle attacks &#8211; A man in the middle attack results from the interception and possible modification of traffic passing between two communicating parties, such as a wireless client and AP. Man in the middle attacks succeed if the systems can&#8217;t distinguish communications with an intended recipient from those with the intervening attacker.<\/li>\n<li>Static WEP cracking programs &#8211; Soon after it was first introduced, the Wired Equivalency Protocol (WEP) was broken due to the fact that WEP uses static keys which can be easily cracked. While these deficiencies were soon corrected with the WiFi Protected Access (WPA) protocol and 802.11i (WPA2), both of which leverage dynamic keys, many WLANs continue to use WEP-based security. As a result, they are still vulnerable to WEP cracking programs.<\/li>\n<li>Rogue access point attack programs &#8211; A number of &#8220;rogue access point attack programs&#8221; exist which allow attackers to perform a number of stealth attacks by posing as host access points on a WLAN network.<\/li>\n<li>Misconfigured clients &#8211; Due to the nature of the 802.11 specification enterprise WLANs are vulnerable to security risks when new hosts or clients enter the network and when ad-hoc networking is allowed. A wired host with an enabled WLAN adapter, for example, could unwittingly connect to an unknown WLAN. An attacker would then be able to compromise the host machine via the open WLAN adapter through routing features on Linux and Windows and mount an attack against the wired connection. Similarly, the overflow of RF signals means that accidental connections can occur with neighbouring WLANs, which can compromise the security of trusted networks.<\/li>\n<\/ul>\n\n\n<p><a href=\"https:\/\/www.vskills.in\/certification\/tutorial\/cyber-security-certification\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to Tutorial WLANs faces threats similar to LANs and new security threats also which includes War&nbsp;drivers \u2013 Person drives&nbsp;around,&nbsp;trying to find APs&nbsp;that have no&nbsp;or weak security. Hackers&nbsp;\u2013 They&nbsp;find information or deny&nbsp;services and the wireless&nbsp;network&nbsp;makes easy access. Defaults \u2013 An&nbsp;new AP&nbsp;is being used with its defaults thus, easy to hack. Tools&nbsp;used to increase security&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"categories":[8921],"tags":[9022],"class_list":["post-77212","page","type-page","status-publish","hentry","category-cyber-security","tag-wlan-hacking"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>WLAN Hacking - Tutorial<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WLAN Hacking - Tutorial\" \/>\n<meta property=\"og:description\" content=\"Go back to Tutorial WLANs faces threats similar to LANs and new security threats also which includes War&nbsp;drivers \u2013 Person drives&nbsp;around,&nbsp;trying to find APs&nbsp;that have no&nbsp;or weak security. Hackers&nbsp;\u2013 They&nbsp;find information or deny&nbsp;services and the wireless&nbsp;network&nbsp;makes easy access. Defaults \u2013 An&nbsp;new AP&nbsp;is being used with its defaults thus, easy to hack. Tools&nbsp;used to increase security...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/\" \/>\n<meta property=\"og:site_name\" content=\"Tutorial\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/vskills.in\/\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-12T08:54:12+00:00\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/\",\"url\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/\",\"name\":\"WLAN Hacking - Tutorial\",\"isPartOf\":{\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#website\"},\"datePublished\":\"2020-01-22T05:23:33+00:00\",\"dateModified\":\"2024-04-12T08:54:12+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.vskills.in\/certification\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WLAN Hacking\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#website\",\"url\":\"https:\/\/www.vskills.in\/certification\/tutorial\/\",\"name\":\"Tutorial\",\"description\":\"Vskills - A initiative in elearning and certification\",\"publisher\":{\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.vskills.in\/certification\/tutorial\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#organization\",\"name\":\"Vskills\",\"url\":\"https:\/\/www.vskills.in\/certification\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wp-content\/uploads\/2017\/07\/vskills-min-logo.jpg\",\"contentUrl\":\"https:\/\/www.vskills.in\/certification\/tutorial\/wp-content\/uploads\/2017\/07\/vskills-min-logo.jpg\",\"width\":73,\"height\":55,\"caption\":\"Vskills\"},\"image\":{\"@id\":\"https:\/\/www.vskills.in\/certification\/tutorial\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/vskills.in\/\",\"https:\/\/x.com\/vskills_in\",\"https:\/\/www.linkedin.com\/company-beta\/1371554\/\",\"https:\/\/www.youtube.com\/channel\/UCMWnscxPwRF_PqXo9B7q_Tw\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WLAN Hacking - Tutorial","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/","og_locale":"en_US","og_type":"article","og_title":"WLAN Hacking - Tutorial","og_description":"Go back to Tutorial WLANs faces threats similar to LANs and new security threats also which includes War&nbsp;drivers \u2013 Person drives&nbsp;around,&nbsp;trying to find APs&nbsp;that have no&nbsp;or weak security. Hackers&nbsp;\u2013 They&nbsp;find information or deny&nbsp;services and the wireless&nbsp;network&nbsp;makes easy access. Defaults \u2013 An&nbsp;new AP&nbsp;is being used with its defaults thus, easy to hack. Tools&nbsp;used to increase security...","og_url":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/","og_site_name":"Tutorial","article_publisher":"https:\/\/www.facebook.com\/vskills.in\/","article_modified_time":"2024-04-12T08:54:12+00:00","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/","url":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/","name":"WLAN Hacking - Tutorial","isPartOf":{"@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#website"},"datePublished":"2020-01-22T05:23:33+00:00","dateModified":"2024-04-12T08:54:12+00:00","breadcrumb":{"@id":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.vskills.in\/certification\/tutorial\/wlan-hacking\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.vskills.in\/certification\/tutorial\/"},{"@type":"ListItem","position":2,"name":"WLAN Hacking"}]},{"@type":"WebSite","@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#website","url":"https:\/\/www.vskills.in\/certification\/tutorial\/","name":"Tutorial","description":"Vskills - A initiative in elearning and certification","publisher":{"@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.vskills.in\/certification\/tutorial\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#organization","name":"Vskills","url":"https:\/\/www.vskills.in\/certification\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-content\/uploads\/2017\/07\/vskills-min-logo.jpg","contentUrl":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-content\/uploads\/2017\/07\/vskills-min-logo.jpg","width":73,"height":55,"caption":"Vskills"},"image":{"@id":"https:\/\/www.vskills.in\/certification\/tutorial\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/vskills.in\/","https:\/\/x.com\/vskills_in","https:\/\/www.linkedin.com\/company-beta\/1371554\/","https:\/\/www.youtube.com\/channel\/UCMWnscxPwRF_PqXo9B7q_Tw"]}]}},"_links":{"self":[{"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/pages\/77212","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/comments?post=77212"}],"version-history":[{"count":4,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/pages\/77212\/revisions"}],"predecessor-version":[{"id":82173,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/pages\/77212\/revisions\/82173"}],"wp:attachment":[{"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/media?parent=77212"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/categories?post=77212"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vskills.in\/certification\/tutorial\/wp-json\/wp\/v2\/tags?post=77212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}