This workshop will briefly go over the Wi-Fi basics and known security issues, covering WPA2-Personal, WPA2-Enterprise, WPS, and then focusing on the most recent developments in Wi-Fi such as KRACK, and will include hands-on labs. The workshop will also cover direct attacks against wireless clients and access points, such as router vulnerabilities, rogue access points and denial-of-service attacks.
To get the most out of this workshop, attendees are encouraged to:
- Have a machine with Kali Linux installed (either as a virtual machine or directly).
- Bring a packet-injection capable wireless card, such as the Alfa AWUS036h.
- Ideally, be familiar with setting up their wireless card in monitor mode to minimize setup time during the workshop.
- Attendees are also encouraged to bring any Wi-Fi-related equipment that they would like to show off!
- Introduction & Quick Overview of 802.11 basics
- What is Wi-Fi and how does it work?
- What are control frames, management frames, etc.
- What is the difference between a/b/g/n?
- What hardware do I need to start hacking?
- Attacks on WPA-Personal
- Attacks on WPS
- Attacks on WPA-Enterprise
- Other attacks on Wi-Fi
- Attacks on access points
- Attacks on clients
- DoS attacks
- Attacking the Wi-Fi firmware (Broadcom vulnerabilities)
- Other recent developments (KRACK)
- Notes on WPA3