Blog

Post Connection Attacks: Protocol Downgrade Attack

In the previous chapters we managed to sniff login credentials from sites that use HTTP, but since many sites now have TLS/SSL protection added, we need to use additional tools. One of these tools is SSLstrip, which was made by Moxie Marlinspike. SSLstrip will transparently hijack HTTP traffic and watch for HTTPS links and … Continue reading Post Connection Attacks: Protocol Downgrade Attack

Post Connection Attacks: Man in the Middle & ARP poisoning

In our last chapter there was a problem: if you are using a switched network where your router acts as a switch, the router does not reflect traffic between two ports, so you can’t see traffic between your devices unless it is broadcast packets or your own. If we want to see the client's packets anyway we need … Continue reading Post Connection Attacks: Man in the Middle & ARP poisoning

Post Connection Attacks: Sniffing Login Information with Wireshark

When we finally have the network password, it is time to actually start capturing and analyzing data and to implement your own attacks. One of the easier ways is to start up Wireshark and start listening to the network. Start by putting your wlan adapter into monitor mode and open up Wireshark. Choose your adapter … Continue reading Post Connection Attacks: Sniffing Login Information with Wireshark

Testing KRACK vulnerability of clients and access points

In this blog post, we will be testing our clients and access points to see if they are vulnerable to the KRACK attack. The KRACK attack, or Key Reinstallation AttaCK, is an attack against the 4-way handshake of the WPA2 protocol. It was discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven. In the attack, the malicious host tricks a victim … Continue reading Testing KRACK vulnerability of clients and access points

Man-In-The-Middle Social Engineering Attack

Not all hardware is vulnerable, but all systems have one thing in common: they are operated by users. Social engineering targets the users, since many times they are the most vulnerable part of any system. We learned about a man-in-the-middle social engineering attack called Fluxion. Fluxion is a remake of an attack called Linset. This … Continue reading Man-In-The-Middle Social Engineering Attack

Cracking through the Access Point running WPA2 protection with WPS PIN

Wi-Fi Protected Setup (WPS) is a protocol created by the Wi-Fi Alliance, and its goal is to allow for an easy way to connect devices to your Wi-Fi network. You can connect your device to your access point with WPS by pressing a button on your access point and on your wireless device or you can also … Continue reading Cracking through the Access Point running WPA2 protection with WPS PIN

Cracking WPA/WPA2-PSK with a dictionary attack

One of the things that we will try out for breaking through WPA and WPA2 is a dictionary attack. A dictionary attack is a technique to break through an authentication mechanism by trying to figure out its decryption key or passphrase by trying out hundreds, thousands or even billions of likely possibilities. Most vulnerable … Continue reading Cracking WPA/WPA2-PSK with a dictionary attack