April 14, 2015

Wireless Penetration Tests are one of my favourite subjects. They allow a Penetration Tester to dismantle so-called security 90% of the time whilst sitting in the car park outside the company being tested. Attack vectors against Wireless Networks are plentiful and, unlike with Web App Pentesting or large-scale Network Pentesting, no expensive tools are needed. When it comes to software, Kali Linux once again is the choice. However, whilst Kali has a lot of good Wifi Pentesting tools, it doesn’t come with a very cool script called PwnSTAR. This script is basically all a Wifi Pentester needs to launch Cracking, Evil Twin and other MITM attacks against the tested network. Because it is open source, it’s very customizable and adaptable.

Some features:

  • Honeypot
  • WPA handshake capture and cracking
  • Sniffing
  • web server with dnsspoof
  • Karmetasploit
  • Browser_autopwn

As always, only use this script against your own Wifi Network or if you have the written permission of the customer undergoing a Pentest engagement with you.

https://github.com/SilverFoxx/PwnSTAR

Wireless Drone In-Security

Author: Martin Voelk
April 6, 2015

We were recently engaged by a toy drone manufacturer to test how secure or insecure those Wireless drones are. The results were somewhat expected, as with most things in technology. Upon research we stumbled across a website from Poland which detailed the process of taking over other Wireless drones. After some more research we assembled a little test setup and tested against the manufacturer's drone. The takeover took less than 5 minutes. Whilst the threats to toy drones are not really a huge risk, commercial drones delivering goods to the home are on the horizon and many news agencies report on such efforts. A customer would not be happy if the ordered goods never arrive etc.

It’s surprisingly easy to take control of toy drones. For those interested in learning more about the methodology behind it, here is the full How-To: http://samy.pl/skyjack/

Cracking WPA/WPA2 PSK

Author: Martin Voelk
November 30, 2014

Defeat Wireless Hackers Game

Author: Martin Voelk
November 29, 2014

Wireless Penetration Testing Tools

Author: Martin Voelk
November 27, 2014

Wireless Networks are probably one of the easiest entry points into IT, along with the traditional weaknesses of human security. In recent Wireless Penetration Tests we were able to get hold of sensitive business information such as usernames and passwords in 98% of all assessments. Even a strong WPA-encrypted WLAN doesn’t prevent Man-in-the-Middle attacks.

For those of you who would like to try MITM yourself, all you need is a Google Nexus tablet (rooted) or an Android phone along with the following apps:

  • zANTI
  • dSploit
  • Intercepter

These 3 tools offer everything you need for Man-in-the-Middle testing.
