Project Overview In this project I will be demonstrating a Network Attack with my home wifi; the intruder will find my network, gain access, scan my local devices, and start tapping the outbound traffic of a target device through ARP Poisoning.
- Setup For this project I will be using Parrot OS combined with a network adapter and the tools below.
airodump-ng aireplay-ng hashcat nmap ettercap wireshark
- Reconnaissance
Set the adapter in monitor mode and use airodump-ng to monitor networks within range. Target a network and get their BSSID and operating channel. Use airodump to associate clients with a given access point, get the client MAC address, and set a dumpfile to start collecting their network traffic/comms.
- De-authentication Attack use aireplay-ng to target a client, and send deauthentication packets to disassociate them with the AP, knocking them off the network.
- Capture EAPOL Handshake As the device reconnects to their trusted network, airodump will capture the WPA handshake between the client and the AP; you can verify all parts of the EAPOL message in Wireshark.
- Hashcat Password Attack Convert the file to be used with hashcat, and use a dictionary attack with a well known wordlist 'rockyou', combined with a rule list 'best64'. Weak or previously breached passwords will be cracked, and written out with the associated hash.
- Reconnaissance Access the network with the cracked password, run ifconfig to get local IP, use nmap to scan the network. nmap can be used to scan for vulnerabilities, scan hosts, and choose a weak target.
- Arp Poisoning, MiTM Use ettercap to create a man-in-the-middle attack, I am now sitting inbetween the router and the client, secretly forwarding & capturing the traffic.
- Packet Analysis Wireshark can be used for detailed packet capture and packet analysis. online tools can be used to analyze .pcap for ease of use.
