Following last week's success, we got through this week's tasks satisfactorily, and the final completion seems to be approaching.
Since we had not met the requirement of learning 802.11 MAC frames, we first filled in some knowledge about them, and we would like to learn more about the types of MAC frames next week.
This week, the three main achievements are realizing the deauth attack, the decryption, and the corresponding detection on a WPA-encrypted network. WPA2 is more complex but theoretically similar, so we are skipping it for now and will experiment on a network of this type if time allows.
As the picture shows, we used the command ‘aireplay-ng’ again to carry out the attack. The number ‘100’ in the code means to attack 100 times, and the following two addresses indicate the AP and a client respectively. As a result, the connection between them was cut off.
Next is the decryption. As the method of exhaustion costs too much time, we downloaded a dictionary file to help encrypt, and apparently this method is rather convenient. The key was quickly found, namely ‘qwertyui’, as we had set before. The result is shown in the screenshot below:
Finally, we used Kismet to detect the intrusion. All networks and attacks were under the detection of Kismet. When a client was attacked, Kismet started to analyse and an Alert file was generated. The result is shown in the screenshot below:
We can find ‘broadcast deauthenticate/disassociation’ repeatedly, which indicates that the network is being attacked.
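The repeated ‘broadcast deauthenticate/disassociation’ alert corresponds to a burst of 802.11 management frames of subtype 12 (deauthentication) or 10 (disassociation). The following is an added example, not part of the original post and not Kismet's own code, showing how such frames can be recognised from the MAC header and counted per BSSID. It assumes raw 802.11 frames with no radiotap header; the class and function names, the threshold of 10 frames per second and the sample frames are all constructed for illustration.

```python
import struct
from collections import deque

BROADCAST = b"\xff" * 6
TEARDOWN = {10: "disassociation", 12: "deauthentication"}  # management subtypes

def parse_teardown(frame: bytes):
    """Return (kind, dst, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:                      # 24-byte MAC header + 2-byte reason code
        return None
    fc0 = frame[0]                           # low byte of Frame Control
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4
    if version != 0 or ftype != 0 or subtype not in TEARDOWN:
        return None                          # not a management teardown frame
    dst, bssid = frame[4:10], frame[16:22]   # addr1 = receiver, addr3 = BSSID
    (reason,) = struct.unpack_from("<H", frame, 24)
    return TEARDOWN[subtype], dst, bssid, reason

class DeauthFloodDetector:
    """Alert when one BSSID sees `threshold` teardown frames within `window` seconds."""
    def __init__(self, threshold=10, window=1.0):   # assumed values, not Kismet's
        self.threshold, self.window = threshold, window
        self.seen = {}                       # bssid -> deque of recent timestamps

    def feed(self, ts: float, frame: bytes):
        parsed = parse_teardown(frame)
        if parsed is None:
            return None
        kind, dst, bssid, reason = parsed
        recent = self.seen.setdefault(bssid, deque())
        recent.append(ts)
        while ts - recent[0] > self.window:  # drop timestamps outside the window
            recent.popleft()
        if len(recent) < self.threshold:
            return None                      # single teardown frames occur in normal use
        target = "broadcast" if dst == BROADCAST else dst.hex(":")
        return (f"{target} {kind} flood on {bssid.hex(':')}: "
                f"{len(recent)} frames in {self.window}s, reason {reason}")

def make_frame(subtype, dst, bssid, reason=7):
    """Constructed sample frame: FC, duration, addr1, addr2, addr3, seq, reason."""
    return (bytes([subtype << 4, 0]) + b"\x00\x00" + dst + bssid + bssid
            + b"\x00\x00" + struct.pack("<H", reason))

if __name__ == "__main__":
    ap, det = bytes.fromhex("020000000001"), DeauthFloodDetector()
    for i in range(10):                      # constructed burst: 10 frames in 0.1 s
        alert = det.feed(i * 0.01, make_frame(12, BROADCAST, ap))
    print(alert)
```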
However, we are still trying to inform the clients of the attack in some way.
Next week, we will get more familiar with Kismet and concentrate on some details. In addition, our blog and poster need some attention.