Penetration Test - Select Your Attacks (6)

Wireless Exploits

WIRELESS AND RF VULNERABILITIES
  • Wireless and RF vulnerabilities
    • Broadcast is wide open
    • aircrack-ng
  • Evil twin - rogue WAP used to eavesdrop
    • Karma attack (Karma Attacks Radio Machines Automatically)
    • Downgrade attack - attempt to negotiate a less secure protocol
  • Deauthentication attacks
    • DoS attacks, disrupt communication between user and WAP
  • Fragmentation attacks
    • DoS attack, floods a network with datagram fragments
  • Credential harvesting
    • Process of capturing or discovering valid login credentials
    • Social engineering, etc.
  • WPS implementation weaknesses
    • Several consumer grade WAPs could allow an attacker to learn the WPS PIN
OTHER WIRELESS VULNERABILITIES
  • Bluejacking
    • Unsolicited messages sent to a Bluetooth-enabled device
  • Bluesnarfing
    • Stealing information from a Bluetooth-enabled device
  • RFID Cloning
    • Unauthorized copy of a device's RF signal
  • Jamming
    • DoS attack, disables communication among devices
  • Repeating
    • Receiving and retransmitting a signal to increase range
QUICK REVIEW
  • Anyone can receive wireless traffic - unencrypted means anyone can read it
  • Evil twins can trick users into using your access point instead of a valid one
  • Multiple attacks are emerging for Bluetooth devices
  • IoT makes wireless vulnerabilities much more prevalent
posted @ 2020-09-19 11:30  晨风_Eric