So today, I wanted to talk about Wi-Fi hacking, how to perform it, as well as how to defend against it. A link to the demonstration video is at the end of the post. But before I start, I would like to mention as a disclaimer that I by no means condone any form of illegal behavior you might use this information for. It's STRICTLY for educational purposes ONLY.
So how does the process work? Well, it depends on the type of wireless security you are trying to crack. In this case, since it's WPA2, the end goal is to intercept the main handshake that occurs between the host and access point when it connects to the network.
Now you might be wondering, how do you get that information if host systems are already connected to the AP? The handshake is complete, so there's no way to get that information, right? Wait for them to reconnect? Why wait when you can just force them? What you essentially need to do in order to bypass the security is "de-authenticate" them from the network, forcing them to reconnect.
In order to do this you need to tell the AP directly to de-authenticate them, since it's impossible to talk to the specific hosts on the network when you don't have access to it. Think of the WAP as an HTTP web application server you can send requests and various HTTP headers to, to invoke various responses. In this process we are essentially doing the same thing, sending the right data packets in order to kick end users off the main access point and scan for the handshake in the process. All you NEED is the right NIC card to perform passive recon for data packets.
The first step is to use airmon-ng in order to place your main NIC card into something that is called "monitor mode". Monitor mode allows your NIC card to perform passive recon and sniff out any WAPs, as well as host systems connected to them. airmon-ng can also be used to check for and kill any processes that might interfere with the scan, such as the NetworkManager service. The next step is to use the airodump-ng command in order to scan RF channels to search for the SSID of the network AP you wish to target.
Once found, you can hone in on the AP and see any and all main systems that are connected to it as well, including any MAC addresses that could possibly allow you to bypass stuff like MAC filters that require you to have a trusted MAC address in order to connect to the network.
The next thing you want to do, while scanning the main AP with airodump-ng, is pop open another shell session and then use the aireplay-ng command in order to send deauthentication packets to force end users to reconnect in order to secure the handshake. THIS PROCESS DOES TAKE TIME.
Now the question is, how to defend against this. Nowadays, APs are essentially "randomizing" the frequency channel to prevent people from scanning the access point. If you can't scan it, then you can't see the hosts that are on the network, as well as secure the main handshake. It's something so simple that can stop hackers in their tracks.
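On the detection side, the forced-reconnect step described above shows up on the air as a burst of deauthentication frames aimed at the same client, which a monitoring sensor can flag. The Python detector below is an added example, not from the original post or video; it assumes bare 802.11 frames (radiotap header and FCS already stripped), and the threshold, window, function names and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

# Frame control byte 0 for version 0, type 0 (management), subtype 12 (deauthentication).
DEAUTH_FC0 = 0xC0

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Return (dest, source, bssid, reason_code) for a deauthentication frame, else None.
    Assumes a bare 802.11 frame: no radiotap header, no trailing FCS."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_deauth_bursts(capture, threshold=5, window=2.0):
    """capture: time-ordered (timestamp_seconds, frame_bytes) pairs.
    Returns one (timestamp, bssid, dest, count) alert per burst against a client."""
    recent = defaultdict(deque)  # (bssid, dest) -> deauth timestamps inside the window
    alerted, alerts = set(), []
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest, _source, bssid, _reason = parsed
        key = (bssid, dest)
        seen = recent[key]
        seen.append(ts)
        while ts - seen[0] > window:  # drop timestamps that fell out of the window
            seen.popleft()
        if len(seen) < threshold:
            alerted.discard(key)      # burst ended; a later one alerts again
        elif key not in alerted:
            alerted.add(key)
            alerts.append((ts, bssid, dest, len(seen)))
    return alerts

# Constructed sample capture (not real traffic), using locally administered MACs.
AP, STA = "02000000000a", "02000000000b"
DEAUTH = bytes.fromhex("c0000000" + STA + AP + AP + "0000" + "0700")  # reason 7
BEACON = bytes.fromhex("80000000" + "ffffffffffff" + AP + AP + "0000" + "0000")
SAMPLE = [(0.0, BEACON), (10.0, DEAUTH)] + [(20.0 + i * 0.1, DEAUTH) for i in range(8)]

if __name__ == "__main__":
    for alert in detect_deauth_bursts(SAMPLE):
        print("deauth burst: time=%.1f bssid=%s client=%s frames=%d" % alert)
```

The single deauthentication frame at t=10 in the sample stays below the threshold, so an ordinary disconnect does not raise an alert; only the later run of frames does.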
If you'd like to see the more advanced version of this article that talks about methods that can be used to mitigate, as well as any videos included, SUBSCRIBE TO MY PATREON CYBER SECURITY TIER!
If you enjoyed this post, give it a thumbs up! I'll be keeping track of who's reacting from now on as there is a "special" reason for it. Just know the more you support my content, the more there is in store!
- The Hacker Who Laughs