Secret Guide to Wireless Hacking (Tools included)

Posted in Network Security by Abhinab On October 17, 2011. 1 Comment

With the advent of wireless technology, we stand amongst many open  connections or wireless network which lure us to use them and under most cases escape unhurt but sometimes, we get trapped as well. If you are not aware of the risks of using an open end wireless connection let us start with some basic facts related to wireless hacking.

  1. If you are using a wireless connection, with no encryption (WEP or WPA or etc etc) medium, chances are that all your data is vulnerable to be intercepted in between your system and the wireless router. If you are wondering what this trick is called, it is called sniffing. We will get to this topic down below.
  2. For every wireless router connected with your machine the man behind the router can easily track back each and every move you make. Say for example your mail passwords, names of the sites you visited and all communications  as they are stored under a single log file, which is in plain simple text format.
  3. It is accounted as criminal offense under many countries which implements cyber law. If you are caught, you will have to pay the fine or may be spend some time in jail if the prosecutor is a ruthless person.

Coming back to our basic topic on how to hack a wireless network. There are generally three types of scenario for related to a wireless network.

A. Open connection with no password required.
B. Closed connection which requires a pass key to connect.
C. Hide Connection from all users except the ones listed in the router panel.
For Situation of type A, you need to follow a single principle. Surf the Internet as much as you want but do not use it for checking mails and other sensitive credentials which require a user-name and password. I forgot to mention you can download as much as you want but don’t become greedy.
For Situation of Type B, you will need tools and programs to help you out. I have listed below some best available wireless hacking tools, which you can use easily. Remember to use these tools for ethical purpose. If you violate any rules and regulations of your country and get grounded, remember to publish your story in the comment section.
For Situation of Type C, Wireshark is a simple program which will list all hidden wireless network in your range. Some may be open while others may require an Authentication key. Choose from the tools listed below to help you out further.

Wireless Hacking Tools

Wireshark

On September midweek wireshark has been listed as most important open source program which can help a network Administrator for the windows platform. It is available for all platforms including Mac OS and Linux. The windows version works with ease and can help you to perfectly determine all the loop holes in your wireless network. In short, you can count it as something which can provide you better security if used under ethical aspect and it can be lethal if used for ethical means. All manuals and working principles are provide with the program.

Kismet

A very simple yet effective program to find hidden wireless networks. There is nothing that a network admin can do to hide wireless channel from this program.It can easily identify802.11n,802.11g, 802.11a,  and 802.11b channels. All one can do is to provide a tough encryption (wep + wpa) so that the network is hard to break in. Though there are tools which can break it as well if cunningly exploited.

Network Miner

It is a very rarely used tool but I loved the way it functions. Many professional users are very much aware of it but wont easily share it up with all. It was developed as Forensic Analytic tool for Netresec, but every ethical tool has been blended to work for unethical purpose by hackers.
It supports a lot of features including Geo IP localization, command line scripting and OS fingerprinting. There are two version available for this tool – Free and Professional.  A little bit of digging in Google can help you find a full version.

Net Stumbler

A very old program and I guess the development has been discontinued after 2009. You can download the program form the official website. The best thing about this program is that it can help you with many things under one graphical user interface. Though it is not as much as efficient as the other tools listed in here but it is a good starter kit for beginners.
It was very popularly used for war driving during the last part of the decade. The tool is not much lethal for modern day encryption but it is definitely competent enough to challenge the wireless network.

Yersinia

The current version supports Cisco VTP DoS exploit. It is best suited to find some major flaws in the network protocol and rectify/exploit them. It is used by many ethical hackers to test the deployed network architecture. It can be used to test and compromise DHCP, Inter-switch Link protocol and VLAN Trunking protocol. If you are serious about learning the steps of wireless hacking, this tool can definitely be your helping and learning guide.

Nmap

Network Mapper is an open source program available under GPL. It was designed as security auditor and later implemented by many hackers for reverse engineering purpose. The basic steps are very easy to understand and it can be a good tool to carry out post process tasks after carrying out the wireless attack. It has a bunch of versatile functions and almost all of the functions can be easily used by any starter to pro hacker.

Air Snort

If there is any tool which can be used to test and penetrate any wireless network, we are definitely talking about Air Snort. It can sniff fragments of packets from the wireless channel and can easily arrange them to break the hash key to compromise the network. The only protection from this tool is to change your Authentication key frequently and manage an access list for granting the access permission.

How to clear Log files and Cache after the Attack

Wireless hacking tools are easy to download and implement but you might become a victim if a trace back is done. To ensure that you are always protected from ping back do remember to implement these feel safe steps:
  1. Change You MAC address before you start testing/ exploiting any network.
  2. Do not use or surf sites which can help identify your where about.
  3. Do not use Gmail, yahoo or any such sites which requires user-name, password.
  4. Clear all temporary file and cookies after you are done testing/ exploiting wireless networks.
  5. Clear all logs from the router settings by simply clearing them from the router settings. Different routers have different settings for storing log files. You will have to manually scan all the features to find this thing.
  6. Use Log deleter to ease your trouble.
  7. Follow the rules and regulations defined in your country and stay out of trouble.

Some people might find this article as negatively inclined, but in this field of ethics and exploitation you must learn what evil steps are so that you can counterfeit them to build a more secure network. Be curious, be wise.

Related Posts

Latest Comments
  1. Lilia Izard

    Wireless routers are heaven sent for me since i really hate messy wirings at home and at work. ;:;’;

    See all of the best and newest blog post on our new blog
    http://www.melatoninfaq.com/melatonin-side-effects/

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>