When beginning a wifi pentest, existing utilities such as network-manager and wpa_supplicant can interfere with the test. To prevent this, check for and kill all such processes using the command:
airmon-ng check kill
You can also stop their services and processes manually. For network-manager, stop the service with the command:
service network-manager stop
For wpa_supplicant, use the kill <pid> command. To find the PIDs, search for the processes by executing the commands:
ps aux | grep wpa_supplicant
ps aux | grep NetworkManager
Obtain their PIDs and pass them to kill, e.g.:
kill 656
This stops the processes; check that they are no longer running.
[Figure: Stopping the processes]
Before scanning with iwlist, make sure you disable/stop network-manager, as it will clash with the scan and prevent you from hopping between channels and scanning the air. Use the command:
iwlist wlan0 scan
For a less detailed scan that still gives you everything you need, use:
iwlist wlan0 scan | grep -i --color "essid\| channel\| quality\| address"
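The grep filter above prints the matching lines but does not group them per access point. As an added example (not part of the original article), the shell function below folds the same four fields into one line per cell and marks empty ESSIDs as hidden; the function name summarize_scan and the sample scan data are made up for illustration.

```shell
# Constructed sample in the layout of `iwlist wlan0 scan` output
# (addresses and names are made up, not captured from a real network).
sample_scan() {
cat <<'EOF'
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:55
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=58/70  Signal level=-52 dBm
                    Encryption key:on
                    ESSID:"lab-ap-one"
          Cell 02 - Address: 66:77:88:99:AA:BB
                    Channel:11
                    Quality=31/70  Signal level=-79 dBm
                    ESSID:"lab guest"
          Cell 03 - Address: 02:00:00:00:00:01
                    Channel:1
                    Quality=20/70  Signal level=-90 dBm
                    ESSID:""
EOF
}

# summarize_scan (hypothetical helper): reads scan output on stdin and prints
# one tab-separated line per cell: BSSID, channel, quality, ESSID.
summarize_scan() {
  awk '
    # Print the cell collected so far; an empty ESSID is shown as <hidden>.
    function emit() {
      if (addr == "") return
      if (essid == "") essid = "<hidden>"
      printf "%s\tch%s\t%s\t%s\n", addr, chan, qual, essid
    }
    # A new "Cell NN - Address:" line closes the previous cell.
    /Cell [0-9]+ - Address:/ { emit(); addr = $NF; chan = qual = essid = ""; next }
    # Anchored so the "(Channel 6)" on the Frequency line is ignored.
    /^[ \t]*Channel:/ { sub(/^[ \t]*Channel:/, ""); chan = $0; next }
    /Quality=/ { split($0, q, "Quality="); split(q[2], r, " "); qual = r[1]; next }
    /ESSID:/   { sub(/^[ \t]*ESSID:"/, ""); sub(/"[ \t]*$/, ""); essid = $0; next }
    END { emit() }
  '
}

# Live use (assumes the wlan0 interface from the article):
#   iwlist wlan0 scan | summarize_scan
sample_scan | summarize_scan
```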
Testing Your Adapter For Wireless Penetration Testing
For the adapter to be suitable for wireless pentesting, it must support both monitor mode and packet injection. Monitor mode is the wireless analogue of promiscuous mode in wired networks. Packet injection support allows us to actively inject traffic into the network.
To put the adapter in monitor mode, execute the command:
airmon-ng start wlan0
The operation is a success if monitor mode is enabled: in Kali Linux your interface changes from wlan0 to wlan0mon, while in Parrot Sec OS a new wireless interface in monitor mode called prism0 is created.
In Kali Linux, confirm this using the command:
iwconfig wlan0mon | grep Mode
The Mode field should read Monitor, not Managed or anything else.
Next, to test for packet injection, execute the command on the monitor-mode interface (wlan0mon in Kali Linux):
aireplay-ng -9 wlan0mon
The -9 option selects the injection test (the full form is --test).
Aireplay-ng is a tool designed to generate and inject frames. If the string "Injection is working!" appears in the output, the test is successful and our adapter supports packet injection.
The test provides other valuable information as well, for instance the channel that the wireless interface is using, the access points that it found through responses to the broadcast probes or received beacons, and the relative connection qualities.
Well, that's it for now; in the next article we'll go straight into the hacking.