In this Article we’ll be discussing about hacking WiFi and different types of WiFi hacking techniques
After reading this article you’ll be knowing about
Download AirCrack-ng from this site
The Caffe-Latte Attack:
The Cafe Latte attack allows you to obtain a WEP key from a client system.
Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client.
The client in turn generates packets which can be captured by airodump-ng. Subsequently,
aircrack-ng can be used to determine the WEP key.
aireplay-ng -6 -h 00:09:5B:EC:EE:F2 -b 00:13:10:30:24:9C -D rausb0
-6 means Cafe-Latte attack
-h 00:09:5B:EC:EE:F2 is our card MAC address
-b 00:13:10:30:24:9C is the Access Point MAC (any valid MAC should work)
-D disables AP detection.
rausb0 is the wireless interface name
Evil-Twin Attack with rouge Hotspot:
An evil twin attack is a very popular type of social engineering attack against the client.
The idea behind this attack is to create an access point with a name similar to what our victim’s and cause denial of service to the original access point.
This would make our victim connect to our fake access point thinking that it’s the original.
Furthermore an attacker would also spoof the MAC address of his interface to exactly match the MAC address of the real access point, so that it becomes much more difficult to detect. Let’s see how we would perform this attack in the real world:
1. We would use airodump-ng to scan for all neighboring access points.
2. We would note down the BSSID and change the MAC address of our interface to exactly match the BSSID of the real access point.
3. Then we would launch a fake access point with the same name as the original one.
4. Finally we would perform a De-authentication attack with mk3 or aireplay.
MAC Spoofing in Linux:
ifconfig wlan0 down - - Bringing the interfaces down so we can spoof the mac.
macchanger –m 20:10:74:c6:49:df mon0 – Changing with our desired mac addresses.
ifconfig mon0 up
Thanks for reading this article!