Sprint 3/4 Wifi Hacking

[seabar24]

This will have updates for Wifi Hacking.

Currently the method I'm using is a Kali Linux VM with Aircrack to initiate a Deauthentication Attack.

This will involve a USB Wifi Adapter that will have the Kali Linux box connect to the AP and be able to see each MAC Address of a device connected to the network. Then using Aircrack, you can execute commands to kick those devices off the network. This works with WPA2 and may still be vulnerable with WPA3.

Will update with documentation on process as well as demo video.

[seabar24]

Able to successfully download drivers and get Wifi working on Kali Box. Thanks to this github repo: https://github.com/morrownr/rtl8852bu?tab=readme-ov-file

Running into issues with Aircrack and specifically not being able to switch the wlan0 interface for Wireless Interface from managed to monitor without the connection being disrupted. Tried doing the airmon-ng start wlan0 but this does not create wlan0mon nor mon for monitoring, and just disconnects me from the Wifi. I've tried manually turning off wlan0 with ifconfig wlan0 down then doing a iwconfig wlan0 mode monitor and then ifconfig wlan0 up, but I still get disconnected. Looked into it more and thought it might've been a driver issue, but I have the correct drivers installed for the chipset. That being 0bda:B832 Realtek Semiconductor Corp chipset for drivers rtlu8832bu. I've tried doing airmon-ng check kill to kill processes possibly interfering with the monitoring process but that killed NetworkManager causing all interfaces and networking to be killed. With the NetworkManager killed I also tried manually turning on the interface with iwconfig wlan0 mode monitor and ifconfig wlan0 up but to no avail.

All of these resources were used for troubleshooting with Aircrack:

• https://unix.stackexchange.com/questions/162088/why-airmon-ng-does-not-create-a-monitoring-interface
• https://unix.stackexchange.com/questions/223625/cannot-connect-to-internet-after-using-airmon-ng-check-kill
• https://askubuntu.com/questions/909467/cant-start-wireless-after-performing-airmon-ng-check-kill-on-terminal
• https://www.reddit.com/r/Kalilinux/comments/nm14i5/my_wlan0_doesnt_change_to_wlan0mon_but_it_shows/
• https://github.com/morrownr/USB-WiFi/issues/275

[seabar24]

Might have to push this into Sprint 4 as there seems to be no way of completing this for Demo of Sprint 3.

[seabar24]

Update on Wifi Hacking: Check IoT Room Capstone Notes 4/4 - 4/5 for a full breakdown and update, but I was successfully able to do a Deatuhentication Attack to a Device.

The thing that fixed it was switching my Kali Box from NAT to Bridged and being connected to the network while having a wifi adapter to use. Then killing the Network Manager, doing airmon-ng and airodump-ng to get the mointoring and MAC Address of the Wifi. Then switched the interface for the Wifi Adapter to the channel for the airmon-ng so that I can monitor the Access Point that I was connected to. Then finally selected the device that was connected (my iPhone) and the ESSID of the AP and sent a successful Deauth to kick it off the Network!

Going to do a recording of this and link to it in both Sprint 4 and here.

[seabar24]

Also Going to Attempt a WPA3 Downgrade Attack.

Going to demonstrate that Deauth doesn't work with WPA3, Downgrade to WPA2, and then commit the Deauth Attack.

Source for Downgrade Attack: http://www.netprojnetworks.com/wpa3-downgrade-attack/

[seabar24]

Page made for Wifi Deauthentication

Wifi Deauthentication

[seabar24]

Wifi Hacking Complete. Moving to close.