Wi-Fi Security

Retour à la liste des conférenciers et sessions

This workshop will briefly go over the Wi-Fi basics and known security issues, covering WPA2-Personal, WPA2-Enterprise, WPS, and then focusing on the most recent developments in Wi-Fi such as KRACK, and will include hands-on labs. The workshop will also cover direct attacks against wireless clients and access points, such as router vulnerabilities, rogue access points and denial-of-service attacks.

To get the most out of this workshop, attendees are encouraged to:

  • Have a machine with Kali Linux installed (either as a virtual machine or directly).
  • Bring a packet-injection capable wireless card, such as the Alfa AWUS036h.
  • Ideally, be familiar with setting up their wireless card in monitor mode to minimize setup time during the workshop.
  • Attendees are also encouraged to bring any Wi-Fi-related equipment that they would like to show off!

Workshop Outline

  • Introduction & Quick Overview of 802.11 basics
    • What is Wi-Fi and how does it work?
    • What are control frames, management frames, etc.
    • What is the difference between a/b/g/n?
    • What hardware do I need to start hacking?
  • Attacks on WPA-Personal
  • Attacks on WPS
  • Attacks on WPA-Enterprise
  • Other attacks on Wi-Fi
    • Attacks on access points
    • Attacks on clients
    • DoS attacks
    • Attacking the Wi-Fi firmware (Broadcom vulnerabilities)
    • Other recent developments (KRACK)
    • Notes on WPA3