Wireless networks are common in enterprise environments, making them a prime target for penetration testers. Additionally, misconfigured wireless networks can be easily cracked, providing penetration testers with a great deal of valuable information about the network and its users. This article explores some of the most widely-used tools for different aspects of wireless network hacking.
Kismet is one of the most famous Wi-Fi hacking tools available. It is a network sniffer capable of monitoring 802.11 wireless traffic as well as other wireless protocols, such as Bluetooth and Zigbee.
Wireshark is designed to be an intuitive and easy-to-use tool, but it is a general-purpose network traffic analyzer. This means that, while it is easy to use and invaluable for wireless hacking, an understanding of network fundamentals is necessary to use it effectively.
Kali Linux NetHunter is an open-source version of the Kali Linux operating system for Android devices. It provides several different tools for Wi-Fi hacking and mobile penetration testing, including Wireless 802.11 frame injection and one-click MANA Evil Access Point setup.
Wireless network hacking is an essential skill set for the modern penetration tester. While the tools described in this post are organized into categories, many have functionality that spans multiple different areas. Gaining familiarity with a few different wireless hacking tools can be a valuable investment in an ethical hacking career.
The new SHODAN Hacking Database (SHDB) is an input dictionary file containing 167 queries that allow users to uncover interesting information via the SHODAN search engine. This dictionary helps target various technologies, including webcams, printers, VoIP devices, routers, switches, and even SCADA/Industrial Control Systems (ICS), to name a few. It comes preloaded with SHODAN Diggity (part of the SearchDiggity attack tool suite), which provides an easy-to-use scanning interface to the popular SHODAN hacking search engine via the SHODAN API.
Previously, the Google Diggity hacking tools provided an extra bonus feature of allowing you to specify a Google Custom Search Engine (CSE) id to have search queries performed against a custom Google engine of your creation.
One of the Windows zero-days flagged by Hickey is dubbed Eternalblue. It exploits a remote code-execution bug in the latest version of Windows 2008 R2 using the server message block and NetBT protocols. Another hacking tool known as Eternalromance contains an easy-to-use interface and "slick" code. Hickey said it exploits Windows systems over TCP ports 445 and 139. The exact cause of the bug is still being identified. Friday's release contains several tools with the word "eternal" in their name that exploit previously unknown flaws in Windows desktops and servers.
Still, the public distribution of some of the NSA's most prized hacking tools is sure to cause problems. In a post published by the Lawfare website, Nicholas Weaver, a security researcher at the University of California at Berkeley and the International Computer Science Institute, wrote:
Friday's dump also contains code for hacking into banks, particularly those in the Middle East. According to this analysis by Matt Suiche, a researcher and founder of Comae Technologies, Jeepflea_Market is the code name for a 2013 mission that accessed EastNets, the largest SWIFT service bureau in the Middle East. EastNets provides anti-money laundering oversight and related services for SWIFT transactions in the region. Besides data concerning specific servers, the archive also includes reusable tools to extract information from Oracle databases, such as a list of database users and SWIFT message queries.
The Shadow Brokers have already prompted a major internal investigation inside the NSA with the arrest of at least one agent accused of stealing 75 percent of the hacking tools belonging to the NSA's Tailored Access Operations group. But so far, there's no indication investigators have been able to tie the defendant to the Shadow Brokers. This latest dump is sure to make matters more urgent and will undoubtedly preempt the holiday plans for countless people in both government and private industry.