Hacking_and_Penetration_Testing_with_Low_Power_Devices
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Starter set of tools<br />
87<br />
<strong>and</strong> possibly airbase-ng <strong>and</strong> aireplay-ng to crack the target network. These tools will<br />
be covered more fully in later chapters. For now, we will only concern ourselves <strong>with</strong><br />
installing what we need for successful penetration tests.<br />
There are a number of excellent sources for learning wireless hacking techniques.<br />
Vivek Ramach<strong>and</strong>ran has produced an outst<strong>and</strong>ing wireless networking megaprimer<br />
that is available at SecurityTube (http://www.securitytube.net/groups?operation¼<br />
view&groupId¼9). Vivek’s megaprimer is also available in the form of his book<br />
BackTrack 5 Wireless <strong>Penetration</strong> <strong>Testing</strong> Beginner’s Guide (Packt, 2011).<br />
If your target network is employing an enterprise scheme, you might need to<br />
install an authentication server such a FreeRADIUS. Installing FreeRADIUS is as<br />
simple as running sudo apt-get install freeradius. Setting up a FreeRADIUS<br />
server can be complicated. Joshua Wright <strong>and</strong> Brad Antoniewicz have developed<br />
a patch to FreeRADIUS known as FreeRADIUS-WPE (Wireless Pwnage Edition)<br />
that performs this configuration for you. Unfortunately, this is through a patch to<br />
the 2.02 version. In order to use FreeRADIUS-WPE, you will need to download<br />
the2.02sourcefromftp://ftp.freeradius.org/pub/radius/old/freeradius-server-2.0.<br />
2.tar.gz <strong>and</strong> then download the patch from http://www.willhackforsushi.com/<br />
code/freeradius-wpe/freeradius-wpe-2.0.2.patch. Full details on installing the<br />
patch can be found at http://www.willhackforsushi.com/FreeRADIUS_WPE.<br />
html.<br />
Some of the tools included <strong>with</strong> aircrack-ng are interactive. These tools do not<br />
lend themselves well to use <strong>with</strong> drones. Rather, some scripting packages such<br />
as Scapy are more appropriate. Scapy will be discussed later in this chapter. The<br />
following script can be used to install these two tools:<br />
#!/bin/bash<br />
# Script to install aircrack-ng <strong>and</strong> also freeradius-wpe<br />
#<br />
# Originally created by Dr. Phil Polstra<br />
# for the book<br />
# <strong>Hacking</strong> <strong>and</strong> <strong>Penetration</strong> <strong>Testing</strong> With <strong>Low</strong> <strong>Power</strong> <strong>Devices</strong><br />
#install aircrack-ng<br />
sudo apt-get install aircrack-ng jj echo "aircrack-ng not installed"<br />
#download freeradius 2.0.2<br />
cd /tmp<br />
wget ftp://ftp.freeradius.org/pub/radius/old/freeradius-server-\<br />
2.0.2.tar.gz<br />
tar xzf freeradius-server-2.0.2.tar.gz<br />
# download the patch<br />
wget http://www.willhackforsushi.com/code/freeradius-wpe\<br />
/freeradius-wpe-2.0.2.patch