Wireless Scanners/Crackers

Wireless networks are ubiquitous today. For this reason, scanning the wireless network, and even testing its security by attempting to crack it, is an important activity for any network administrator. The network scanners mentioned in the previous section can be used for wireless networks, but there are also tools specifically designed for Wi-Fi that you can use as well.

In addition to scanning, many of these Wi-Fi tools will attempt to crack your Wi-Fi. They will essentially attempt either to derive the password or circumvent the security. It is important that network security professionals scan their network with tools like this to find issues before an attacker does.

Aircrack

Aircrack is one of the most popular tools for scanning and cracking Wi-Fi. It is a free download, and you can get it at http://www.aircrack-ng.org/. There are actually a few tools in this download. One, called wzcook.exe, will try to extract wireless data, including the password, from the local machine on which it is installed. But that is not the part we are interested in here. The main tool is aircrack-ng. It is a command-line tool, and you can see it in Figure 8-9.

FIGURE 8-9 Aircrack-ng.

It takes a bit of time to get comfortable with all of the command line flags; however, this is a very important tool and well worth the time spent. The reason why it is so important is that it is very popular with attackers. If you scan your wireless network with the same tool that attackers are likely to use, and you find problems and correct those, then your network is less vulnerable to wireless attacks.

When you download Aircrack you will notice a number of executables in the bin directory, such as airdecloak-ng.exe, airodump-ng.exe, and aircrack-ng-avx2.exe. Each of these has a different wireless function. Here are a few basic commands:

  • airodump-ng interface: This will do packet capture for the interface designated.

  • airodump-ng -c 11 --bssid 00:01:02:03:04:05 -w dump interface: The -c indicates the Wi-Fi channel, in this case 11. The -w gives the prefix of the capture files written to the hard drive (here dump, which produces dump-01.cap). The --bssid specifies the BSSID (the access point's MAC address) of the wireless network you wish to capture. For older encryption, like WEP, you can capture around 50,000 packets and you should be able to crack it.

  • aircrack-ng -b 00:01:02:03:04:05 dump-01.cap: This tells Aircrack to take the packet dump and try to crack it.
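As an added example, not code from the book or from the Aircrack-ng project: airodump-ng -w dump also writes a dump-01.csv beside dump-01.cap, and the script below reads that CSV to flag access points on your own network that still use WEP or no encryption, plus any BSSID that is not on your authorized list. The CSV column layout is assumed from airodump-ng's output, and the capture, MAC addresses and allow-list are constructed for the example.

```python
import csv
import io

# Constructed sample of an airodump-ng CSV (dump-01.csv). The column layout is
# assumed from airodump-ng's output; BSSIDs, ESSIDs and counts are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:01:02:03:04:05, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11, 54, WEP, WEP, , -40, 120, 51234, 0.0.0.0, 9, CorpGuest, 
00:01:02:03:04:06, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 6, 130, WPA2, CCMP, PSK, -55, 98, 0, 0.0.0.0, 8, CorpMain, 
AA:BB:CC:DD:EE:FF, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 1, 54, OPN, , , -70, 45, 0, 0.0.0.0, 8, FreeWiFi, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
11:22:33:44:55:66, 2024-01-01 10:02:00, 2024-01-01 10:05:00, -60, 30, 00:01:02:03:04:05, 
"""

# Access points we operate ourselves (constructed allow-list for the example).
AUTHORIZED_BSSIDS = {"00:01:02:03:04:05", "00:01:02:03:04:06"}

# Privacy values that should not survive an audit of a managed network.
WEAK_PRIVACY = {"OPN", "WEP"}


def parse_access_points(text):
    """Return the access-point rows (first CSV section) as a list of dicts."""
    text = text.replace("\r\n", "\n")
    ap_section = text.split("\n\n", 1)[0]  # a blank line separates APs from stations
    reader = csv.DictReader(io.StringIO(ap_section), skipinitialspace=True)
    return [{k.strip(): (v or "").strip() for k, v in row.items() if k} for row in reader]


def audit(text, authorized=AUTHORIZED_BSSIDS):
    """Flag weak encryption and BSSIDs missing from the authorized list."""
    findings = []
    for ap in parse_access_points(text):
        bssid, essid, privacy = ap["BSSID"], ap["ESSID"], ap["Privacy"]
        ivs = int(ap["# IV"] or 0)
        if bssid.upper() not in authorized:
            findings.append((bssid, essid, "unknown BSSID, not in the authorized AP list"))
        if any(p in WEAK_PRIVACY for p in privacy.split()):
            note = f"weak privacy setting {privacy or 'none'}; migrate to WPA2 or better"
            if ivs >= 50000:
                note += f" ({ivs} IVs already observed in this capture)"
            findings.append((bssid, essid, note))
    return findings


if __name__ == "__main__":
    for bssid, essid, note in audit(SAMPLE_CSV):
        print(f"{bssid} {essid!r}: {note}")
```

Point the script at a real dump-01.csv by replacing SAMPLE_CSV with the file's contents, and keep the authorized list in sync with your AP inventory.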
