book

Building a Pentesting Lab for Wireless Networks

Name: Building a Pentesting Lab for Wireless Networks
ISBN: 9781785283154

by Andrey Popov, Vyacheslav Fadyushin, Aaron Woody

March 2016

Beginner to intermediate

264 pages

5h 40m

English

Packt Publishing

Read now

Unlock full access

Building a Pentesting Lab for Wireless Networks
Table of Contents
Building a Pentesting Lab for Wireless Networks
Credits
About the Authors
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and moreWhy subscribe?
Preface
What this book covers
What you need for this book
Who this book is for

Conventions
Reader feedback
Customer support
Downloading the example codeErrataPiracyQuestions
1. Understanding Wireless Network Security and Risks
Understanding wireless environment and threatsAn overview of wireless technologiesAn overview of wireless threatsWi-Fi media specifics
Common WLAN protection mechanisms and their flaws
Hiding SSIDMAC filteringWEPWPA/WPA2Pre-shared key modeEnterprise modeWPS
Getting familiar with the Wi-Fi attack workflow
General Wi-Fi attack methodologyThe active attacking phaseWPA-PSK attacksEnterprise WLAN attacks
Summary
2. Planning Your Lab Environment
Understanding what tasks your lab should fulfillObjectives of a labLab tasksNetwork reconnaissanceWeb application hackingHacking and researching network servicesAD hackingDBMS hackingNetwork layer attacksWi-Fi penetration testingMan-in-the-middle attacks
Planning the network topology
Choosing appropriate components
Network devicesServer and workstation components
Planning lab security
Access controlIntegrated security mechanismsSecurity solutions
Security hints
Summary
3. Configuring Networking Lab Components
General lab network communication rules
Configuring hardware wired devices
Preparing the console connection on WindowsCore switchInitial configurationConfiguring interfaces and VLANsHardening the core switchConfiguring subinterfaces and subnetsConfiguring auxiliary servicesBasic gateway hardening
Configuring virtual wired network devices
Network virtualization platformSoftware installationInitial configurationNetwork topology implementationSwitchGatewayVirtual host emulationWireless hardware devices
Configuring WLANs
Guest WLANPreparing the hardware access point
Summary
4. Designing Application Lab Components
Planning services
Creating virtual servers and workstations
VirtualBox overview and installationCreating virtual machinesConfiguring network settings of lab components
Installing and configuring domain services
Creating a domainCreating usersAdding hosts to the domain
Certification authority services
Creating a root certificateCreating a working certificateInstalling a root certificate
Installing a remote management service
Corporative e-mail service
Configuring a DNS serverInstalling and configuring hMailServer
Installing vulnerable services
Installing web applications
Preparing a web serverWebGoatDVWALiferay PortalMetasploitableVulnerable VoIP server
Summary
5. Implementing Security
Network-based security solutionsConfiguring network access controlIsolating external and guest networksIsolating internal VLANsSecuring wireless accessPreparing the RADIUS serverPreparing the certificatesConfiguring RADIUSclients.confeap.confConfiguring the access pointConfiguring the WLAN clientInstalling a network intrusion detection systemActivating SPANSnortInstalling SnortConfiguring SnortSnort rules
Host-based security solutions
Workstation securityEMETHIPSWeb application firewallClamAVInstallingConfiguringUsage and integration with the mail serverOSSECInstallingConfiguringConnecting OSSEC agents
SIEM
InstallingConfiguration wizardConfiguring HIDS
Summary
6. Exploring Hacking Toolkits
Wireless hacking toolsAircrack-ngContentExerciseManaExercise
Infrastructure hacking tools
NmapScripting engineExampleEttercapExerciseMetasploit FrameworkMeterpreterExampleArmitageVeil-Evasion framework
Cracking tools
John The RipperExampleHashcatExample
Web application hacking tools
Burp SuiteExample
Summary
7. Preparing a Wireless Penetration Testing Platform
Common variants of the pentesting platform
Choosing an interface
Installing the necessary software
Preparing configs and scripts
Standalone Hostapd-based APsAutomating the AP setupConfiguration for WPE-Enterprise
Preparing a Kali USB stick
Creating a USB stick under WindowsCreating a USB stick under LinuxMaking an encrypted persistent partition
Summary
8. What's Next?
What you can learnInfrastructure penetration testingWeb application and web-services hackingMobile securityIoT
Courses and certificates
EC-Council security trackOffensive Security trainingsGIAC
Pentesting standards
Information sources
Summary
Index

Content preview from Building a Pentesting Lab for Wireless Networks

Preparing configs and scripts

We have installed the necessary tools in our Wi-Fi pentesting system, but it is just a part of the preparation work. In order to be able to use some of them, we need to prepare some configuration files and develop a script to automate some tasks.

Note

You might need to tweak some of the configs and scripts given in this chapter in order to make them work with your hardware and software setup.

We would like to start with Hostapd. We mostly use it in two situations: when we need to install a fake AP to attack clients' traffic and to set an AP with FreeRADIUS-WPE when we attack WPA-Enterprise protected networks.

Standalone Hostapd-based APs

To install a rogue AP for client traffic or phishing attacks you can use Hostapd in ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Build Your Own Security Lab: A Field Guide for Network Testing

Publisher Resources

ISBN: 9781785283154

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design