Chapter 2 - 06 - Understand Wireless Network-specific Attacks - 04_ocred.pdf

Full Transcript


Certified Cybersecurity Technician  Information Security Attacks  Exam 212-82

NFC Attacks

o Eavesdropping: An attack in which a large and sophisticated antenna is used to record the communication between NFC devices
o Data Modification Attack: A more dangerous attack that not only captures and stores the target’s data exchange but also modifies it using a radiofrequency device
o Data Corruption Attack: A type of DoS attack performed either by interfering or disrupting the data transmission or blocking the data channel so that the receiver is not able to decipher or read the data received
o MITM Attack: An attacker intercepts the communication between two NFC devices and attempts to modify the information being transmitted and forward it to the other communicating entity

NFC Attacks

Eavesdropping

Because NFC technology broadcasts radio signals in the vicinity of the transmitter and not just to the intended receiver, there is scope to capture the signals while communication takes place between devices in close proximity. In NFC eavesdropping, an antenna is used to record the communication between NFC and other devices; put simply, communications between NFC devices can be recorded by means of a large and sophisticated antenna. The main objective of this attack is to intercept the NFC exchange process to corrupt the information being exchanged and make it useless. To perform eavesdropping, attackers use an antenna to capture the communication between NFC devices. Organizations need to secure the NFC communication channel so that the information is encrypted and only an authorized device may decrypt it. Second, they need to set the range of NFC so that only a limited number of devices may be connected.

Module 02 Page 337 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
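The encrypted-channel requirement in the eavesdropping notes above, sketched as an added Go example (not part of the courseware): two devices that already share a 32-byte key wrap each payload in AES-256-GCM, so a recorded frame is unreadable without the key and a modified or corrupted frame is rejected. The key provisioning, the frame layout (nonce, ciphertext, tag) and the function names are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newAEAD builds AES-256-GCM from the 32-byte key held by the two authorized devices.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealFrame encrypts and authenticates one payload; the frame sent is nonce || ciphertext || tag.
func sealFrame(key, payload []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, payload, nil), nil
}

// openFrame returns the payload only if the frame is unmodified and the key matches.
func openFrame(key, frame []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if n := aead.NonceSize(); len(frame) >= n+aead.Overhead() {
		return aead.Open(nil, frame[:n], frame[n:], nil)
	}
	return nil, fmt.Errorf("frame too short: %d bytes", len(frame))
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key; real keys are provisioned securely
	frame, _ := sealFrame(key, []byte("constructed NFC payload"))
	frame[len(frame)-1] ^= 0x01 // one bit changed in transit
	_, err := openFrame(key, frame)
	fmt.Println("modified frame rejected:", err != nil)
}
```

A frame replayed unchanged still verifies, so a real protocol also binds each frame to a session counter or challenge.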
[Figure 2.62: Eavesdropping attack. Labels: Source, Destination, Attacker, Original connection]

Data Modification Attack

The data modification attack is a more dangerous attack that not only captures and stores the target’s data exchange but also modifies it using a radio frequency device. It is feasible in rare cases, particularly for NFC communication in active mode. This is a control-data attack that may constrain the NFC data exchange in the target network temporarily. The possibility of this attack depends on various factors, such as the strength of the amplitude modulation.

Data Corruption Attack

A data corruption attack is a type of DoS attack in which a third party attempts to corrupt the data being transmitted between the two endpoints. This attack is performed either by interfering in or disrupting the data transmission or by blocking the data channel so that the receiver is not able to decipher or read the data received.

MITM Attack

NFC is a short-range wireless technology that is used for financial transactions and data sharing. Due to the lack of device authentication, NFC communication may be exploited to perform attacks such as man-in-the-middle, masquerading, and eavesdropping. NFC tags are used as passive data stores that may be rewritable, which is a serious drawback because data may be modified by performing a man-in-the-middle attack. Performing an MITM attack is a difficult task and often practically infeasible. In this attack, attackers eavesdrop on communication and attempt to manipulate and transmit it to the NFC reader. Thus, an attacker intercepts the communication between two NFC devices; that is, the attacker’s device acts as a relay agent between the communicating devices. After intercepting the data, the attacker attempts to modify the information being transmitted and then forwards it to the other entity in the communication.
The two legitimate devices cannot notice the interception of messages or the MITM attack.

Wireless Attack Tools

Aircrack-ng Suite

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker, and an analysis tool for 802.11 wireless networks; the program runs in Linux and Windows

o Airbase-ng: Captures WPA/WPA2 handshake and can act as an ad-hoc AP
o Aircrack-ng: De facto WEP and WPA/WPA2 PSK cracking tool
o Airdecap-ng: Decrypts WEP/WPA/WPA2 and can be used to strip the wireless headers from Wi-Fi packets
o Airdecloak-ng: Removes WEP cloaking from a pcap file
o Airdrop-ng: Used for targeted, rule-based deauthentication of users
o Aireplay-ng: Used for traffic generation, fake authentication, packet replay, and ARP request injection
o Airgraph-ng: Creates client-to-AP relationship and common probe graph from airodump file
o Airmon-ng: Used to enable monitor mode on wireless interfaces from managed mode and vice versa
o Airodump-ng: Used to capture packets of raw 802.11 frames and collect WEP IVs
o Airolib-ng: Stores and manages essid and password lists used in WPA/WPA2 cracking
o Airtun-ng: Creates a virtual tunnel interface to monitor encrypted traffic and inject arbitrary traffic into a network
o Easside-ng: Enables communication via a WEP-encrypted AP without the knowledge of the WEP key
o Packetforge-ng: Used to create encrypted packets that can subsequently be used for injection
o Wesside-ng: Incorporates different techniques to seamlessly obtain a WEP key within minutes

Wireless Attack Tools (Cont’d)

o Airserv-ng: Allows multiple programs to independently use a Wi-Fi card via a client-server TCP connection
o Tkiptun-ng: Injects frames into a WPA TKIP network with QoS and can recover a MIC key and keystream from Wi-Fi traffic
o WZCook: Recovers WEP keys from XP’s wireless zero configuration utility

Wireless Attack Tools

Discussed below are some of the important wireless attack tools:

Aircrack-ng Suite
Source: http://www.aircrack-ng.org

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2 PSK cracker, and analysis tool for 802.11 wireless networks. This program runs under Linux and Windows.

o Airbase-ng: It captures the WPA/WPA2 handshake and can act as an ad-hoc AP.
o Aircrack-ng: This program is the de facto WEP and WPA/WPA2 PSK cracking tool.
o Airdecap-ng: It decrypts WEP/WPA/WPA2 and can be used to strip wireless headers from Wi-Fi packets.
o Airdecloak-ng: It removes WEP cloaking from a pcap file.
o Airdrop-ng: This program is used for the targeted, rule-based de-authentication of users.
o Aireplay-ng: It is used for traffic generation, fake authentication, packet replay, and ARP request injection.
o Airgraph-ng: This program creates a client-AP relationship and common probe graph from an airodump file.
o Airmon-ng: It is used to switch from the managed mode to the monitor mode on wireless interfaces and vice versa.
o Airodump-ng: This program is used to capture packets of raw 802.11 frames and collect WEP IVs.
o Airolib-ng: This program stores and manages ESSID and password lists used in WPA/WPA2 cracking.
o Airserv-ng: It allows multiple programs to independently use a Wi-Fi card via a client-server TCP connection.
o Airtun-ng: It creates a virtual tunnel interface to monitor encrypted traffic and inject arbitrary traffic into a network.
o Easside-ng: This program allows the user to communicate via a WEP-encrypted AP without knowing the WEP key.
o Packetforge-ng: Attackers can use this program to create encrypted packets that can subsequently be used for injection.
o Tkiptun-ng: It injects frames into a WPA TKIP network with QoS and can recover MIC keys and keystreams from Wi-Fi traffic.
o Wesside-ng: This program incorporates various techniques to seamlessly obtain a WEP key in minutes.
o WZCook: It is used to recover WEP keys from the Wireless Zero Configuration utility of Windows XP.

[Figure 2.63: Screenshot of Aircrack-ng]
