The threat of information leakage via unencrypted wireless networks is quite real and needs to be taken into consideration. Especially if you’re an organization\/entity, who handles sensitive information.<\/p>\n
Today I’ll be covering a simple demonstration that will have 3 hosts. The three hosts are as follows:<\/p>\n
Host A (Attacker)
\nHost B (Client)
\nHost C (Server)<\/p>\n
Host A will be running kismet, so it will not be connected to the network. The network will only have MAC filtering deployed. Host B and C will be wireless clients on the network, but I will set up netcat loops that will just simply print a string over the network.<\/p>\n
Host B will be running this:<\/p>\n
while true; do echo \"CAPTURE THIS WHILE NOT CONNECTED\" | nc -w2 hostC 8080; done<\/pre>\nHost C will be running this:<\/p>\n
while true; do nc -l -s hostCIP -p 8080 -vv; done<\/pre>\nHost A which is the attacker, will simply be within close range of the network and will give the kismet log files a name as well by doing:<\/p>\n
kismet -t capture-test<\/pre>\nOnce kismet has started to run, make sure to use ‘L’ to lock onto the channel that the wireless network is on. With this done, wait a few minutes and you should have captured the test string.<\/p>\n
To view your captured information, you need to view the contents of the dump files. The dump files are located in\/var\/log\/kismet<\/strong>.<\/p>\nUpon location of the dump file, what worked for me was using egrep<\/strong> to look for the captured string.<\/p>\negrep 'CAP*' capture-test*.dump <\/pre>\nThis may ‘bork’ your terminal, so just use reset<\/b>. Per contra, you should see the captured text. <\/p>\n
This simple demo demonstrates how real of a threat passive wireless sniffing devices are. If you’re curious, I actually used my Nokia N810 as the attacker. \ud83d\ude42<\/p>\n
I’ll have more to come as usual… (I’m back in school so I’m going to have less time to work on ettersploit \ud83d\ude41 )<\/p>\n","protected":false},"excerpt":{"rendered":"
The threat of information leakage via unencrypted wireless networks is quite real and needs to be taken into consideration. Especially if you’re an organization\/entity, who handles sensitive information. Today I’ll be covering a simple demonstration that will have 3 hosts. The three hosts are as follows: Host A (Attacker) Host B (Client) Host C (Server) … Continue reading Kismet: passively sniffing wireless network traffic<\/span>