Difference between revisions of "WiFi security"
Jump to navigation
Jump to search
| (2 intermediate revisions by the same user not shown) | |||
| Line 10: | Line 10: | ||
=== WPS === | === WPS === | ||
| − | + | [[WiFi#WPS|WPS]] is broken. Leave this disabled on the router. | |
| + | ==== Pixie Dust ==== | ||
| + | [https://null-byte.wonderhowto.com/how-to/hack-wifi-using-wps-pixie-dust-attack-0162671/] | ||
[https://gadgetcubes.in/hack-wifi-using-kali-linux-crack-wpa-wpa2-psk-password/] | [https://gadgetcubes.in/hack-wifi-using-kali-linux-crack-wpa-wpa2-psk-password/] | ||
| + | [https://www.hackingtutorials.org/wifi-hacking-tutorials/pixie-dust-attack-wps-in-kali-linux-with-reaver/] | ||
=== WPA2 === | === WPA2 === | ||
| − | .. | + | * [https://hexway.io/research/r00kie-kr00kie/ r00kie kr00kie] using the kr00k vulnerability |
| + | |||
| + | === Social Engineering === | ||
| + | * [https://github.com/FluxionNetwork/fluxion Fluxion] using [[captive portal]] | ||
| + | |||
| + | == Related == | ||
| + | * [[nmap]], [[vulscan]] | ||
Latest revision as of 18:48, 14 August 2020
Security-related topics around using WiFi.
Contents
Vulnerabilities
Here are some things to watch out for when setting up your WiFi.
WEP
WEP is broken. Use WPA2 instead. Initialization vectors (IVs) leak statistical data leading to the encryption key.[1]
aircrack-ng may be used to gather IVs over time and then use this information to more easily guess the password.
WPS
WPS is broken. Leave this disabled on the router.
Pixie Dust
WPA2
- r00kie kr00kie using the kr00k vulnerability
Social Engineering
- Fluxion using captive portal
