📡Wireless Pentesting

A page for documenting Wi-Fi commands, hacking, tools and basic concepts.

Wi-Fi basic commands

ip link show #List available interfaces
iwconfig #List available interfaces
airmon-ng check kill #Kill annoying processes
airmon-ng start wlan0 #Monitor mode
airmon-ng stop wlan0mon #Managed mode
airodump-ng wlan0mon #Scan (default 2.4Ghz)
airodump-ng wlan0mon --band a #Scan 5Ghz
iwconfig wlan0 mode monitor #Put in mode monitor
iwconfig wlan0mon mode managed #Quit mode monitor - managed mode
iw dev wlan0 scan | grep "^BSS\|SSID\|WSP\|Authentication\|WPS\|WPA" #Scan available wifis

Attacks Summary

• DOS

  • Deauthentication/disassociation -- Disconnect everyone or Specific clients

  • Beacon Flooding

  • Authentication Denial-Of-Service

  • SSID Probing and Bruteforcing

  • Michael Countermeasures Exploitation

  • EAPOL Start and Logoff Packet Injection

  • Attacks for IEEE 802.11s mesh networks

  • WIDS Confusion

• WEP aproach

• WPA/WPA2 - PSK

  • Handshake Capture

WEP

You got a all-in-one in attack one attack in airgeddon. Nowadays this security protocol is obsolet.

GitHub - v1s1t0r1sh3r3/airgeddon: This is a multi-use bash script for Linux systems to audit wireless networks.GitHub

Resources

• Hacktrickz - https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-wifi

• Null Byte - https://null-byte.wonderhowto.com/how-to/wi-fi-hacking/