Chapter 2 - 06 - Understand Wireless Network-specific Attacks - 04_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
Certified Cybersecurity Technician
Information Security Attacks
Exam 212-82

NFC Attacks

Eavesdropping

NFC technology broadcasts radio signals in the vicinity of the transmitter and not just to the intended receiver, so there is scope to grab signals as the communication takes place between devices in close proximity. NFC eavesdropping is the consequence: an antenna is used to record the communication between NFC and other devices. Put simply, one may record communications between NFC devices by means of a large and sophisticated antenna. The main objective of this attack is to intercept the NFC exchange process to corrupt the information being exchanged and make it useless. To perform eavesdropping, attackers use an antenna to capture the communication between NFC devices.

Organizations need to secure the NFC communication channel so that the information is encrypted and only an authorized device may decrypt it. Secondly, they need to set the range of NFC so that limited devices may be connected.

Module 02 Page 337 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
[Figure 2.62: Eavesdropping attack. Labels: Source, Destination, Original connection, Attacker.]

Data Modification Attack

The data modification attack is a more dangerous attack that not only captures and stores the target's data exchange but also modifies it using a radio frequency device. It is feasible in rare cases, particularly for NFC communication in active mode. This is a control-data attack that may constrain the NFC data exchange in the target network temporarily. The possibility of this attack depends on various factors, such as the strength of the amplitude modulation.

Data Corruption Attack

A data corruption attack is a type of DoS attack in which a third party attempts to corrupt the data being transmitted between the two endpoints. This attack is performed either by interfering with or disrupting the data transmission or by blocking the data channel so that the receiver is not able to decipher or read the data received.

MITM Attack

NFC is a short-range wireless technology that is used for financial transactions and data sharing. Due to the lack of device authentication, NFC communication may be exploited to perform attacks such as man-in-the-middle, masquerading, and eavesdropping. NFC tags are used as passive data stores that may be rewritable, which is a serious drawback, as data may be modified by performing a man-in-the-middle attack. Performing an MITM attack is a difficult task and often practically infeasible. In this attack, attackers eavesdrop on communication and attempt to manipulate and transmit it to the NFC reader. Thus, an attacker intercepts the communication between two NFC devices; that is, the attacker's device acts as a relay agent between the communicating devices. After intercepting the data, the attacker attempts to modify the information being transmitted and then forwards it to the other entity in the communication.
The two legitimate devices cannot notice the interception of messages and the MITM attack.

Wireless Attack Tools

Discussed below are some of the important wireless attack tools:

Aircrack-ng Suite
Source: http://www.aircrack-ng.org

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2 PSK cracker, and analysis tool for 802.11 wireless networks. This program runs under Linux and Windows.

- Airbase-ng: It captures the WPA/WPA2 handshake and can act as an ad-hoc AP.
- Aircrack-ng: This program is the de facto WEP and WPA/WPA2 PSK cracking tool.
- Airdecap-ng: It decrypts WEP/WPA/WPA2 and can be used to strip wireless headers from Wi-Fi packets.
- Airdecloak-ng: It removes WEP cloaking from a pcap file.
- Airdrop-ng: This program is used for the targeted, rule-based de-authentication of users.
- Aireplay-ng: It is used for traffic generation, fake authentication, packet replay, and ARP request injection.
- Airgraph-ng: This program creates a client-to-AP relationship and common probe graph from an airodump file.
- Airmon-ng: It is used to switch from the managed mode to the monitor mode on wireless interfaces and vice versa.
- Airodump-ng: This program is used to capture packets of raw 802.11 frames and collect WEP IVs.
- Airolib-ng: This program stores and manages ESSID and password lists used in WPA/WPA2 cracking.
- Airserv-ng: It allows multiple programs to independently use a Wi-Fi card via a client-server TCP connection.
- Airtun-ng: It creates a virtual tunnel interface to monitor encrypted traffic and inject arbitrary traffic into a network.
- Easside-ng: This program allows the user to communicate via a WEP-encrypted AP without knowing the WEP key.
- Packetforge-ng: Attackers can use this program to create encrypted packets that can subsequently be used for injection.
- Tkiptun-ng: It injects frames into a WPA TKIP network with QoS and can recover MIC keys and keystreams from Wi-Fi traffic.
- Wesside-ng: This program incorporates various techniques to seamlessly obtain a WEP key in minutes.
- WZCook: It is used to recover WEP keys from the Wireless Zero Configuration utility of Windows XP.

Figure 2.63: Screenshot of Aircrack-ng
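
The Data Modification and MITM sections above note that rewritable NFC tags can have their data altered without the devices noticing. As an added example (not part of the courseware), the code below shows how a reader could detect altered or corrupted tag content by checking a keyed MAC over the tag UID and its NDEF record. The memory layout (record followed by a 16-byte truncated HMAC-SHA256), the key, the UID and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac

MAC_LEN = 16  # assumed layout: NDEF record followed by a truncated HMAC-SHA256

def build_uri_record(uri_body: bytes, prefix_code: int = 0x04) -> bytes:
    """One short NDEF URI record: header 0xD1 = MB|ME|SR, TNF=well-known."""
    payload = bytes([prefix_code]) + uri_body  # 0x04 is the "https://" prefix
    return bytes([0xD1, 1, len(payload)]) + b"U" + payload

def parse_short_record(data: bytes):
    """Return (type, payload, record_length) or raise ValueError."""
    if len(data) < 3:
        raise ValueError("truncated header")
    flags, type_len, payload_len = data[0], data[1], data[2]
    if not flags & 0x10 or flags & 0x08:
        raise ValueError("only short records without an ID field are handled")
    end = 3 + type_len + payload_len
    if len(data) < end:
        raise ValueError("truncated record")
    return data[3:3 + type_len], data[3 + type_len:end], end

def _mac(key: bytes, uid: bytes, record: bytes) -> bytes:
    # Binding the MAC to the UID means content copied to another tag fails.
    msg = bytes([len(uid)]) + uid + record
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]

def seal(key: bytes, uid: bytes, record: bytes) -> bytes:
    """What the issuer writes to the tag: record plus MAC."""
    return record + _mac(key, uid, record)

def verify_tag(key: bytes, uid: bytes, memory: bytes):
    """Return the record payload if the content is authentic, else None."""
    try:
        _rtype, payload, end = parse_short_record(memory)
    except ValueError:
        return None  # corrupted or unreadable data
    mac = memory[end:end + MAC_LEN]
    if len(mac) != MAC_LEN or not hmac.compare_digest(mac, _mac(key, uid, memory[:end])):
        return None  # modified content, wrong tag, or missing MAC
    return payload

# Constructed sample values, not taken from any real deployment.
KEY = bytes(range(32))
UID = bytes.fromhex("04a1b2c3d4e5f6")
GOOD = seal(KEY, UID, build_uri_record(b"example.com/menu"))
TAMPERED = GOOD.replace(b"example.com", b"example.net")

if __name__ == "__main__":
    print("genuine :", verify_tag(KEY, UID, GOOD))
    print("modified:", verify_tag(KEY, UID, TAMPERED))
    print("cut off :", verify_tag(KEY, UID, GOOD[:10]))
```

A MAC provides integrity only; confidentiality against eavesdropping still requires the encrypted channel the Eavesdropping section calls for.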