
Wireless Hacking Part-1


What is Wifi?
Wi-Fi is wireless local-area networking based on the IEEE 802.11 family of standards: a wireless router or access point exchanges data with its clients over radio in licence-exempt bands (2.4 GHz and 5 GHz).

Evolution of 802.11
1:802.11 legacy – 1997, 2.4 GHz, 1–2 Mbps
2:802.11a – 1999, 5 GHz, OFDM (orthogonal frequency-division multiplexing), 54 Mbps
3:802.11b – 1999, 2.4 GHz, DSSS, 11 Mbps (CSMA/CA is the medium-access scheme of every 802.11 variant, not only b)
4:802.11g – 2003, 2.4 GHz, OFDM, backward compatible with 802.11b, 54 Mbps
5:802.11n – 2009, 2.4 and 5 GHz, MIMO, 150 Mbps per spatial stream (up to 600 Mbps with four streams)
6:802.11ac – 2013, 5 GHz only, up to 8 MIMO streams and MU-MIMO, up to 6.9 Gbps



Modes
A wireless interface can operate in one of the following 7 modes:
1. Monitor
2. Master
3. Managed
4. Ad-hoc
5. Mesh
6. Repeater
7. Promiscuous

The modes a wireless card supports are listed under "Supported interface modes" in the output of the following command (phy1 is the index of the card's PHY; yours may be phy0):

iw phy phy1 info

The mode an interface is currently in is shown in the Mode: field of iwconfig wlan0 (used below).

1. Master : The Access Point (AP) or base station. Typically it is an embedded device with a proprietary OS or a slimmed-down Linux installation, set up to provide network access to clients.
2. Managed : Infrastructure mode. Devices in this mode are the clients (stations) connected to an access point: your laptop, Nintendo, iPhone, etc.
To connect in managed mode (wlan0 is the interface; Hostelj is the access point name used here for the sake of the example, yours will differ):
iwconfig wlan0 mode managed
iwconfig wlan0 essid Hostelj
iwconfig wlan0 (check the output to see whether it has associated with the access point)

3. Ad-hoc: Also known as peer-to-peer (IBSS). There is no access point: for the stations of an ad-hoc network to communicate with each other they must be set up with the same ESSID and channel.
iwconfig wlan0 channel 1 essid myadhocnetwork mode ad-hoc
(myadhocnetwork is the name of the ad-hoc network, not of an access point)
4. Mesh : A planned ad-hoc network.
Mesh networks, or mesh clouds, are made up of radios acting as routers, gateways and clients.
Mesh nodes can communicate as long as they share a common communication channel. For example, node A can talk to node C if both are within range of node B. Likewise, if a node goes down, the mesh heals itself by routing through the other nodes in the network.

5. Repeater : In this mode the interface connects to a wireless network and retransmits its signal to extend coverage.
6. Monitor : The interface does not associate with any network; it passes every 802.11 frame it hears on the current channel (management, control and data) to the operating system. This is the mode a wireless sniffer or injection tool needs.
7. Promiscuous : Not an 802.11 operating mode but an interface flag, as on Ethernet: an associated client also passes up data frames that are not addressed to it. It does not expose management or control frames, which is why monitor mode is needed for wireless testing.
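Before any of the practical work it is worth checking that a card can actually do monitor mode. The following is an added example (not code from the original post) that parses the text printed by iw phy phy1 info, extracts the "Supported interface modes" block and translates iw's nl80211 names into the mode names used in the list above. SAMPLE_IW_PHY is a constructed, abbreviated excerpt in iw's output format, not real output, and phy1 is a placeholder.

```python
"""Check which interface modes a wireless PHY supports from `iw phy` output.
Added example, not code from the original post.  SAMPLE_IW_PHY is a
constructed, abbreviated excerpt in iw's output format, not real output."""
import subprocess
from typing import Set

# nl80211 interface type names as printed by iw, mapped to the names used in
# the list above.  "repeater" and "promiscuous" have no iw interface type:
# repeating is a bridge/WDS arrangement and promiscuous is an interface flag.
IW_TO_MODE = {
    "AP": "master",
    "managed": "managed",
    "IBSS": "ad-hoc",
    "mesh point": "mesh",
    "monitor": "monitor",
}


def supported_iw_modes(iw_phy_output: str) -> Set[str]:
    """Return the entries of the 'Supported interface modes:' block."""
    modes: Set[str] = set()
    in_block = False
    for line in iw_phy_output.splitlines():
        stripped = line.strip()
        if stripped.startswith("Supported interface modes:"):
            in_block = True
            continue
        if in_block:
            if stripped.startswith("* "):
                modes.add(stripped[2:])
            else:                 # first non-bullet line ends the block
                break
    return modes


def supported_modes(iw_phy_output: str) -> Set[str]:
    """Same as above, translated to the mode names used in this post."""
    return {IW_TO_MODE[m] for m in supported_iw_modes(iw_phy_output) if m in IW_TO_MODE}


def monitor_capable(iw_phy_output: str) -> bool:
    """Monitor mode is what a sniffer needs; check this before buying a card."""
    return "monitor" in supported_iw_modes(iw_phy_output)


def query_phy(phy: str = "phy1") -> str:
    """Run iw for a real PHY (needs the card and the iw tool to be present)."""
    return subprocess.run(["iw", "phy", phy, "info"],
                          capture_output=True, text=True, check=True).stdout


SAMPLE_IW_PHY = """Wiphy phy1
\tmax # scan SSIDs: 4
\tSupported interface modes:
\t\t * IBSS
\t\t * managed
\t\t * AP
\t\t * AP/VLAN
\t\t * monitor
\t\t * mesh point
\tBand 1:
\t\tCapabilities: 0x1ef
"""

if __name__ == "__main__":
    print("supported:", sorted(supported_modes(SAMPLE_IW_PHY)))
    print("monitor capable:", monitor_capable(SAMPLE_IW_PHY))
```

On a real machine replace SAMPLE_IW_PHY with query_phy("phy0") or whichever PHY iw phy lists; a card whose block lacks "monitor" cannot capture raw 802.11 frames no matter what the driver is told.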


Wifi Frames
Three types of 802.11 frame exist, distinguished by the Type field of the Frame Control header; each type has several subtypes:
1:Management Frames
a)Beacons: A beacon frame is like someone shouting 'I am here'. Access points broadcast beacons periodically (by default about every 100 ms) to tell every client in their vicinity about their existence, together with the SSID, supported rates, channel and security capabilities.
b)Probes: Probe frames come in two flavours, Probe Request and Probe Response. When a client needs information about an access point (or actively scans for networks) it sends a probe request, and the access point answers with a probe response, which carries the same information as a beacon: the channel it uses, supported data rates, capabilities and so on.
c)Authentication: Request and response (both use the same subtype, distinguished by a sequence number). With Open System authentication, which WPA/WPA2 networks use, the exchange carries no secret at all: the client asks and the AP accepts. Only the old WEP Shared Key scheme exchanges a challenge and its encrypted response here. WPA/WPA2 key negotiation (the 4-way handshake) happens later, after association, in EAPOL data frames.
d)Association: Once a client has passed authentication it moves to association: it sends an association request and the AP replies with an association response, which is how the AP allocates resources (an association ID) for the new client. The related subtypes are Association Request, Association Response, Reassociation Request, Reassociation Response and Disassociation.
e)Deauthentication: Either side can end the session with a deauthentication (or disassociation) frame carrying a reason code. Like every other management frame in a network without 802.11w (Protected Management Frames), these are neither encrypted nor authenticated.

2:Control Frames
Control frames manage access to the medium; they carry no payload and only a receiver address (plus a transmitter address for RTS):
RTS (Request to Send): a station asks to reserve the medium for a data frame.
CTS (Clear to Send): the receiver grants the reservation; other stations hearing it stay silent for the stated duration.
ACK (Acknowledgement): confirms receipt of a unicast frame; an unacknowledged frame is retransmitted.

3:Data Frames
The meat of the whole 802.11 protocol structure: they carry the upper-layer payload (IP, ARP, EAPOL). In a WEP/WPA/WPA2 network only the frame body is encrypted; the 802.11 header, including all addresses, is always in the clear.
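To make the frame types concrete, here is an added example (not code from the original post) that classifies raw 802.11 frames by the Type/Subtype bits of the Frame Control field and pulls out what a tester looks at first: the addresses, the SSID, channel and privacy bit of a beacon, the algorithm of an authentication frame and the reason code of a deauthentication. The three sample frames at the bottom are constructed by hand; the MAC addresses and the SSID "Hostelj" are placeholders, not captured traffic.

```python
"""Classify raw 802.11 frames into the management, control and data types
described above and extract the fields a wireless tester looks at first.
Added example, not code from the original post: the frames at the bottom are
constructed by hand; the MAC addresses and SSID "Hostelj" are placeholders."""
import struct
from dataclasses import dataclass, field
from typing import Dict, Optional

MGMT_SUBTYPES = {   # Type 0 subtypes of the 802.11 Frame Control field
    0: "Association Request", 1: "Association Response",
    2: "Reassociation Request", 3: "Reassociation Response",
    4: "Probe Request", 5: "Probe Response", 8: "Beacon",
    10: "Disassociation", 11: "Authentication", 12: "Deauthentication",
}
CTRL_SUBTYPES = {11: "RTS", 12: "CTS", 13: "ACK"}          # Type 1
DATA_SUBTYPES = {0: "Data", 4: "Null", 8: "QoS Data"}      # Type 2
AUTH_ALGS = {0: "Open System", 1: "Shared Key"}


@dataclass
class Frame:
    ftype: str                        # Management / Control / Data
    subtype: str                      # Beacon, ACK, QoS Data, ...
    flags: Dict[str, bool]            # selected Frame Control flags
    addr1: str                        # receiver / destination
    addr2: Optional[str] = None       # transmitter / source (absent in CTS, ACK)
    addr3: Optional[str] = None       # BSSID in most management frames
    info: Dict[str, object] = field(default_factory=dict)


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_ies(body: bytes) -> Dict[int, bytes]:
    """Split a tagged-parameter list (tag, length, value, ...) into a dict."""
    ies: Dict[int, bytes] = {}
    i = 0
    while i + 2 <= len(body):
        tag, length = body[i], body[i + 1]
        ies[tag] = body[i + 2:i + 2 + length]
        i += 2 + length
    return ies


def parse_frame(raw: bytes) -> Frame:
    fc0, fc1 = raw[0], raw[1]
    if fc0 & 0x03:                                   # protocol version must be 0
        raise ValueError("unsupported 802.11 protocol version")
    ftype, subtype = (fc0 >> 2) & 0x03, fc0 >> 4
    flags = {"to_ds": bool(fc1 & 0x01), "from_ds": bool(fc1 & 0x02),
             "retry": bool(fc1 & 0x08), "protected": bool(fc1 & 0x40)}
    addr1 = mac_str(raw[4:10])
    if ftype == 1:                                   # control: RA only, plus TA for RTS
        addr2 = mac_str(raw[10:16]) if subtype == 11 else None
        return Frame("Control", CTRL_SUBTYPES.get(subtype, f"subtype {subtype}"),
                     flags, addr1, addr2)
    addr2, addr3 = mac_str(raw[10:16]), mac_str(raw[16:22])
    info: Dict[str, object] = {"seq": struct.unpack_from("<H", raw, 22)[0] >> 4}
    hdr_len = 30 if (flags["to_ds"] and flags["from_ds"]) else 24   # Addr4 only in WDS data frames
    body = raw[hdr_len:]
    if ftype == 0:
        name = MGMT_SUBTYPES.get(subtype, f"subtype {subtype}")
        if subtype in (5, 8):                        # Probe Response / Beacon
            interval, cap = struct.unpack_from("<HH", body, 8)   # after the 8-byte timestamp
            ies = parse_ies(body[12:])
            info.update(ssid=ies.get(0, b"").decode("utf-8", "replace"),
                        interval=interval, privacy=bool(cap & 0x10),
                        channel=ies[3][0] if 3 in ies else None,
                        rsn=48 in ies)               # RSN IE present => WPA2/WPA3, not WEP
        elif subtype == 4:                           # Probe Request
            info["ssid"] = parse_ies(body).get(0, b"").decode("utf-8", "replace")
        elif subtype == 11:                          # Authentication
            alg, seq_no, status = struct.unpack_from("<HHH", body, 0)
            info.update(algorithm=AUTH_ALGS.get(alg, alg), auth_seq=seq_no, status=status)
        elif subtype in (10, 12):                    # Disassociation / Deauthentication
            info["reason"] = struct.unpack_from("<H", body, 0)[0]
        return Frame("Management", name, flags, addr1, addr2, addr3, info)
    info["payload_len"] = len(body)                  # body is encrypted when flags["protected"]
    return Frame("Data", DATA_SUBTYPES.get(subtype, f"subtype {subtype}"),
                 flags, addr1, addr2, addr3, info)


# --- constructed sample frames (placeholder addresses, not captures) --------
AP = bytes.fromhex("0011223344aa")
STA = bytes.fromhex("00aabbccdd01")
BCAST = b"\xff" * 6


def mgmt_frame(subtype: int, a1: bytes, a2: bytes, a3: bytes, body: bytes) -> bytes:
    # Frame Control (type 0), duration 0, three addresses, sequence number 1
    return bytes([subtype << 4, 0x00]) + b"\x00\x00" + a1 + a2 + a3 + b"\x10\x00" + body


BEACON = mgmt_frame(8, BCAST, AP, AP,
                    struct.pack("<QHH", 0, 100, 0x0411)   # timestamp, interval 100 TU, ESS|Privacy
                    + b"\x00\x07Hostelj"                  # SSID IE
                    + b"\x01\x04\x82\x84\x8b\x96"         # Supported Rates IE: 1, 2, 5.5, 11 Mbps
                    + b"\x03\x01\x06"                     # DS Parameter Set IE: channel 6
                    + b"\x30\x02\x01\x00")                # RSN IE (version field only)
DEAUTH = mgmt_frame(12, STA, AP, AP, struct.pack("<H", 7))   # reason 7: class 3 frame from non-associated STA
ACK = bytes([0xD4, 0x00]) + b"\x00\x00" + STA                # type 1, subtype 13: RA only

if __name__ == "__main__":
    for raw in (BEACON, DEAUTH, ACK):
        print(parse_frame(raw))
```

The parser reads the 802.11 MAC header only, so it works on frames captured in monitor mode with the radiotap header already stripped; a deauthentication frame addressed to a station is exactly the kind of unauthenticated management frame the section above warns about, and the reason code it carries is the only hint of why the session ended.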

That's all for part one. All this theory may be a little boring to read, but believe me, if you really want to hack something you should know its basics clearly.
In the next part we will do some practicals to understand the importance of what we have just studied.
