Penetration Test - Select Your Attacks(6)
Wireless Exploits
WIRELESS AND RF VULNERABILITIES
- Wireless and RF vulnerabilities
- Broadcast is wide open
- aircrack-ng
- Evil twin - rogue WAP used to eavesdrop
- Karma attack (Karma Attacks Radio Machines Automatically)
- Downgrade attack - attempt to negotiate a more insecure protocol
- Deauthentication attacks
- DoS attacks, disrupt communication between user and WAP
- Fragmentation attacks
- DoS attack, floods a network with datagram fragments
- Credential harvesting
- Process of capturing or discovering valid login
- Social engineering, etc
- WPS implementation weaknesses
- Several consumer grade WAPs could allow an attacker to learn the WPS PIN
OTHER WIRELESS VULNERABILITIES
- Bluejacking
- Unsolicited messages to a Bluetooth - enabled device
- Bluesnarfing
- Stealing information from Bluetooth - enabled device
- RFID Cloning
- Unauthorized copy of device's RF signal
- Jamming
- DoS attack, disables communication among devices
- Repeating
- Receiving and retransmitting a signal to increase range
QUICK REVIEW
- Anyone can receive wireless traffic - unencrypted means anyone can read it
- Evil twins can trick users into using your access point instead of a valid one
- Multiple attacks are emerging for Bluetooth devices
- IoI makes wireless vulnerabilities much more prevalent
相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。