Chapter 8. Wireless Penetration
Wireless networks have become increasingly popular for personal and business use. Unfortunately, for wireless networks as for most other technological advances, security has been an afterthought. Thus, the current state of wireless technology is such that wireless networks in general are not secure by default and cannot be easily secured. The three tools (Aircrack, Airpwn, and Karma) presented in this chapter take advantage of weaknesses in 802.11 wireless networks in order to compromise them.
Aircrack monitors legitimate wireless traffic in order to crack the encryption key being used. Knowing this key allows an attacker to access the wireless network and paves the way for further attacks. Aircrack is introduced in Aircrack.
Airpwn monitors legitimate wireless traffic and, based on preconfigured search patterns, injects attacker-controlled data into the network, thus allowing for sophisticated attacks. Airpwn can use the WEP key uncovered by Aircrack to compromise encrypted networks. Airpwn is introduced in Airpwn.
Karma impersonates wireless networks, tricking careless wireless clients into connecting to an attacker-controlled network. Karma is introduced in Karma.
The chapter starts with a discussion of wireless encryption technology to establish the current state of wireless security.
WEP and WPA Encryption
Wireless Equivalent Privacy (WEP) is one method of securing the network. Most wireless vendors include it by default as part of the IEEE 802.11 ...