Today we're continuing our WiFi series with the example of cracking a WPA Pre-Shared Key. We started by diving into a PSK brute force with John the Ripper against a previously captured 4-way handshake. Since then we've taken a step back and covered promiscuous and monitor mode in terms of packet sniffing, and how MAC addresses come into play here. And now we'll cover the ingredients needed for this recipe of passphrase cracking delightfulness.
As I just mentioned, our wireless NIC is in monitor mode (airmon-ng start wlan0). This is just one of 6 modes that our wireless NIC can operate in. The other 5 are: Master, Managed, Ad-hoc, Mesh and Repeater.
A wireless NIC in Master Mode is often referred to as an Access Point or Base Station. Typically it's an embedded device with a proprietary OS or a slimmed-down Linux installation set up to provide network access to clients.
My WiFi Pineapple here, for instance, is an access point, and I can see the NIC is in Master mode by issuing iwconfig ath0.
Now if I come back to my localhost and issue lsusb, I see I have my trusty Realtek 8187L installed. And if I check airdriver-ng loaded, I see that it's using the mac80211 driver. With that I know to use the iw command to check the card's capabilities. I just need to know the physical ID first, so running airmon-ng shows that it's phy1. So now running iw phy phy1 info will show me all of its supported modes. Of course this is a lot of output. Typically I've been piping this output to more or less, but today I'll pipe it to grep.
Grep will show me just what I ask for. In this instance I'm looking for the word "modes". Issuing iw phy phy1 info | grep modes yields a match, but I'll need to see a few lines past it. For that I'll tack on -A8 to get the 8 lines following. iw phy phy1 info | grep -A8 modes shows me that my card only supports the managed and monitor modes.
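The grep -A8 approach above relies on guessing how many lines follow the match. As an added example (not from the original show notes), this shell snippet reads the mode list exactly, stopping where the list ends. The sample output is constructed to match the card described above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list the interface modes a wireless PHY supports by
# parsing `iw phy <phy> info`, instead of guessing a line count for grep -A.

# Constructed sample, shaped like `iw phy phy1 info` output for a card
# that supports only managed and monitor modes (as in the text above).
sample_iw_output() {
cat <<'EOF'
Wiphy phy1
    max # scan SSIDs: 4
    Supported interface modes:
         * managed
         * monitor
    Band 1:
        Frequencies:
            * 2412 MHz [1] (20.0 dBm)
    software interface modes (can always be added):
         * monitor
EOF
}

# supported_modes: read `iw phy ... info` text on stdin and print one
# supported mode per line. Only the bullet lines directly under
# "Supported interface modes:" are taken; the first non-bullet line
# ends the list, so later "* ..." lines (frequencies, software modes)
# are never mistaken for hardware modes.
supported_modes() {
    awk '
        /Supported interface modes:/ { in_list = 1; next }
        in_list && /^[[:space:]]*\*[[:space:]]/ {
            sub(/^[[:space:]]*\*[[:space:]]*/, "")
            print
            next
        }
        in_list { exit }
    '
}

# supports_mode MODE: succeed if MODE is in the list read from stdin.
# iw uses its own names: AP for Master, IBSS for Ad-hoc, "mesh point"
# for Mesh, plus managed and monitor.
supports_mode() {
    supported_modes | grep -qx -- "$1"
}

# Demo on the constructed sample. On a real system, replace the sample
# with:  iw phy phy1 info | supported_modes
sample_iw_output | supported_modes
```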
So that brings us to Managed:
Interfaces in Managed Mode, aka Infrastructure Mode, are considered clients or stations and are the devices connected to an access point. Your laptop, Nintendo DS, iPhone, etc.
To connect to my open access point here, I can issue iwconfig wlan1 mode managed and then iwconfig wlan1 essid Pineapple. If I check iwconfig wlan1, I can see it has associated with the access point.
Ad-hoc, aka Peer-to-Peer, is a mode where wireless devices can communicate with each other without the need for a centralized base-station or access point. This can be useful for small groups of devices in close proximity, but the performance will decrease as the number of devices increases.
For all of the devices on the Ad-hoc network to communicate with each other, they must use the same ESSID. To set up my interface I'll issue iwconfig wlan0 channel 1 essid myadhocnetwork mode ad-hoc.
Now I can see here my cell is not associated, and that's because this radio is the only one on this ad-hoc network. How sad? I'd tell wlan1 to join wlan0 so they can party together, but as we discovered just a moment ago wlan1 only supports the managed and monitor modes.
The next wireless mode is Mesh. You can think of a mesh as a sort of planned ad-hoc network. Mesh networks, or mesh clouds, are comprised of radios acting as routers, gateways and clients. In a mesh network nodes can communicate as long as they have at least one common connection. For example node A can talk to node C if they are both within range of node B. Likewise, if a node were to go down a mesh can heal itself by routing through other nodes in the network.
We could probably do an entire series on mesh networking, but suffice it to say for now that's the list.
And our final mode is Repeater. A wireless interface in repeater mode can be configured to connect to a wireless network, and repeat the signal. The practical application here is to extend the range of a single access-point.
And as always we value your feedback and suggestions. If you have a tip to share with me, email firstname.lastname@example.org. And be sure to check out our sister show Hak5 for more great stuff, just like this. I'll be there reminding you to trust your technolust.