WiFi Pentesting

Basic tools:

(update driver in kali --> https://www.youtube.com/watch?v=tYnjMiTTdms)

  1. Check the version of TL-WN722N (if you have v2/v3, continue)

└─$ lsusb
Bus 001 Device 003: ID 2357:010c TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]

  2. Update and Upgrade

sudo apt update
sudo apt upgrade

  3. Install additional tools

sudo apt install bc

  4. Restart kali VM

  5. Install additional software

sudo apt install build-essential
sudo apt install libelf-dev
sudo apt install linux-headers-`uname -r`
sudo apt install dkms


sudo rmmod r8188eu.ko
git clone https://github.com/aircrack-ng/rtl8188eus
cd rtl8188eus
sudo -i
echo "blacklist r8188eu" > "/etc/modprobe.d/realtek.conf"

  6. Restart kali VM

  7. Install driver

sudo apt update
cd rtl8188eus
sudo make
sudo make install
sudo modprobe 8188eu

Alfa Network

  1. Check the usb adapter

└─$ lsusb

  2. Update and Upgrade

sudo apt update
sudo apt upgrade

  3. Install additional tools

sudo apt install bc

  4. Restart kali VM

  5. Install additional software

sudo apt install build-essential
sudo apt install libelf-dev
sudo apt install linux-headers-`uname -r`
sudo apt install dkms

Then restart.

If it doesn't work, install the driver manually:

  1. Install driver

sudo apt install realtek-rtl88xxau-dkms

  2. Restart kali VM

  3. Install the additional driver. Make sure that https://github.com/aircrack-ng/rtl8814au.git matches your adapter's chipset.

git clone https://github.com/aircrack-ng/rtl8814au.git
cd rtl8814au
make
sudo make install

  4. Unplug the Alfa adapter and plug it in again

  5. Check with this command: iwconfig

Check the adapter

iwconfig
# output:
# wlan0    unassociated  Nickname:"<WIFI@REALTEK>"
#          Mode:Auto  Frequency=2.412 GHz  Access Point: Not-Associated   
#          Sensitivity:0/0  
#          Retry:off   RTS thr:off   Fragment thr:off
#          Power Management:off
#          Link Quality=0/100  Signal level=0 dBm  Noise level=0 dBm
#          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
#          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# if the output does not look like the above, check using lsusb

lsusb
# output:
# Bus 001 Device 003: ID 2357:010c TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]

sudo systemctl restart NetworkManager

Check adapter

iw dev
iwconfig

Setup monitor mode

Kill process

This command stops the network managers, then kills any interfering processes that are left:

sudo airmon-ng check kill

Note: It is very important to kill the network managers before putting a card in monitor mode!

ref: https://www.aircrack-ng.org/doku.php?id=airmon-ng

Monitor mode

# manual method
sudo ip link set wlan0 down
sudo iw dev wlan0 set type monitor
sudo ip link set wlan0 up

# or with airmon-ng
sudo airmon-ng start wlan0

# output:
# PHY     Interface       Driver          Chipset
# phy0    wlan0           8188eu          TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]
#                 (monitor mode enabled)

Stop monitor mode

To switch back to normal (managed) mode:

sudo airmon-ng stop wlan0

Monitor

Make sure monitor mode has been set.

Deauth Attack

Open Wireshark and set this display filter to show deauthentication frames:

(wlan.fc.type == 0) && (wlan.fc.type_subtype == 0x0c)
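
To show what this filter matches at the byte level, here is an added example (not part of the original notes) that parses radiotap-encapsulated frames for type 0 / subtype 0x0c and flags BSSIDs that receive a burst of deauthentication frames, as a monitoring check. The function names, the constructed sample frames and the window/threshold values are assumptions chosen for illustration.

```python
import struct

def parse_deauth(pkt: bytes):
    """Return (bssid, reason) for a radiotap-encapsulated deauth frame, else None."""
    if len(pkt) < 4:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]  # radiotap length field, little-endian
    frame = pkt[rt_len:]
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype != 0x0C:  # same test as the Wireshark filter above
        return None
    protected = bool(frame[1] & 0x40)  # protected (802.11w) frame: body is encrypted
    reason = None if protected else struct.unpack_from("<H", frame, 24)[0]
    return frame[16:22].hex(":"), reason  # address 3 carries the BSSID

def deauth_bursts(capture, window=1.0, threshold=10):
    """capture: iterable of (timestamp_seconds, raw_packet).
    Returns {bssid: peak deauth count in any `window` seconds} for peaks >= threshold.
    window and threshold are illustrative assumptions, not tuned values."""
    seen = {}
    for ts, pkt in capture:
        hit = parse_deauth(pkt)
        if hit:
            seen.setdefault(hit[0], []).append(ts)
    flagged = {}
    for bssid, stamps in seen.items():
        stamps.sort()
        lo = peak = 0
        for hi, t in enumerate(stamps):
            while t - stamps[lo] > window:  # slide the window start forward
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= threshold:
            flagged[bssid] = peak
    return flagged

# Constructed sample frames (not captured traffic): minimal 8-byte radiotap header,
# broadcast destination, made-up locally administered BSSID.
RADIOTAP = bytes([0, 0, 8, 0, 0, 0, 0, 0])
AP = bytes.fromhex("021122334455")
def _mgmt(fc0, body):
    return RADIOTAP + bytes([fc0, 0, 0, 0]) + b"\xff" * 6 + AP + AP + b"\x00\x00" + body
DEAUTH = _mgmt(0xC0, struct.pack("<H", 7))  # type 0, subtype 12, reason code 7
BEACON = _mgmt(0x80, b"\x00" * 12)          # type 0, subtype 8: must not match

if __name__ == "__main__":
    burst = [(i * 0.05, DEAUTH) for i in range(12)] + [(0.3, BEACON)]
    print(parse_deauth(DEAUTH), deauth_bursts(burst))
```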

Monitor handshake

wlan.ssid == "<ssid name>" && eapol

wlan.bssid == "<bssid number>" && eapol

Wifite

A simple WiFi attack tool. It can detect active users on the network.

ref: https://www.youtube.com/watch?v=OdFvNLdccWQ

Wifiphisher

Installation

git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
python3 setup.py install

Steps to deliver

# monitor mode
sudo airmon-ng start wlan0

# run wifiphisher
wifiphisher --force-hostapd

# select the SSID

# select scenarios

WPA2-E phishing

sudo apt install hostapd-wpe
# /etc/hostapd-wpe/

# copy hostapd-wpe.conf and change the ssid and channel

sudo hostapd-wpe hostapd-wpe.conf
