Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kali Linux Wireless Penetration Testing Beginner???s Guide

You're reading from   Kali Linux Wireless Penetration Testing Beginner???s Guide Master wireless testing techniques to survey and attack wireless networks with Kali Linux, including the KRACK attack

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher
ISBN-13 9781788831925
Length 210 pages
Edition 3rd Edition
Arrow right icon
Authors (3):
Arrow left icon
Vivek Ramachandran Vivek Ramachandran
Author Profile Icon Vivek Ramachandran
Vivek Ramachandran
Cameron Buchanan Cameron Buchanan
Author Profile Icon Cameron Buchanan
Cameron Buchanan
Daniel W. Dieterle Daniel W. Dieterle
Author Profile Icon Daniel W. Dieterle
Daniel W. Dieterle
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Wireless Lab Setup FREE CHAPTER 2. WLAN and Its Inherent Insecurities 3. Bypassing WLAN Authentication 4. WLAN Encryption Flaws 5. Attacks on the WLAN Infrastructure 6. Attacking the Client 7. Advanced WLAN Attacks 8. KRACK Attacks 9. Attacking WPA-Enterprise and RADIUS 10. WLAN Penetration Testing Methodology 11. WPS and Probes A. Pop Quiz Answers Index

KRACK attack overview


KRACK stands for Key Reinstallation AttaCKs. It's a tranche of vulnerabilities publicly disclosed in October 2017 by a team from KU Leuven. The attack is the exploitation of a fundamental flaw in the WPA2 handshake, allowing resending of a stage of the handshake in order to overwrite cryptographic data. This chapter will cover the attack at a theoretical level and provide some guidance on the successful identification and exploitation of this vulnerability.

Let's look at the WPA2 handshake, the standard for which can be found in the IEEE 802.11 standards, accessible here: http://ieeexplore.ieee.org/document/7792308/. For this explanation we are starting post-association and authentication stage as the vulnerability is not affected by those.

The Pairwise Transient Key (PTK) used for encryption is made up of five attributes:

  • A shared secret key known as the Pairwise Master Key (PMK)

  • A nonce value created by the access point (ANonce)

  • A nonce value created by the user station...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image