WiFi security self-defense
$whoami
- Igor Tarpan
- 2009 – 2013: Military Academy “Alexandru cel Bun” Chisinau
- 2013 – 2017: Networking team National Army Server/Service team National Army Security team National Army
- 2017 – Present : Information Security Engineer at Starlab
WiFi protocol (IEEE 802.11)
WiFi protocol (IEEE 802.11)
b,g,n
2.4 GHz up to 600 Mbit/s
a,ac
5 GHz up to 3466 Mbit/s
WiFi deffence
-
Protocols
WEP
WPA/WPA2
Authetntication: PSK / EAP
WPS
Chipher: AES, TKIP -
Aditional Techincs:
Hide SSID
MAC addres filtering -
IEEE 802.1X Authentication
WEP attack !
WEP Security
- 10 000 broadcast packets what's all what I need !
- Type (ARP,ICMP, IPv6-NDNP)
- Fragmentation frame attack
Only my granny WEP
WPS Security
WPS Security
-
8 digits pin = 100 000 000
-
Last simbol is checksum
-
Remain 7 digits pin = 10 000 000
-
COOL !
-
M4, M6 and EAP-NACK packets
-
1 part = 4 digits (10 000)
-
2 part = 3 digits (1000)
- 11 000 < 100 000 000
IEEE 802.1X
Typical authentication progression
- Initialization
- Initiation
- Negotiation
- Authentication
IEEE 802.1X
Typical authentication progression
- Initialization
- Initiation
- Negotiation
- Authentication
Demo Wigle
WPA/WPA2 hacking
WPA / WPA 2
- Home of office use
- PSK (AES or TKIP)
- AES international cryptography standard
- TKIP (use pack to pack encryption)
- Company or industrial
- EAP (Extensible Authentication Protocol
-
EAP Transport Layer Security
-
EAP-MD5
-
EAP Protected One-Time Password
-
EAP Pre-Shared Key
-
EAP Tunneled Transport Layer Security
-
EAP Internet Key Exchange
-
- EAP (Extensible Authentication Protocol
Password cracking
Top 100 passwords
Top 1000 passwords
Top 10 000 passwords
Top 99.99 passwords
…
Password Min 8 Max 63
Password pattern
Name+(2-4)
Lastname+(2-4)
name+(2-4)
lastname+(2-4)
Nr.tel+name
Nr.tel
Company+(2-4)
Company+(2-4)
Demo password generation
Tool Mentalist and deauth
How to protect ?
-
Use hard password (I know you will not)
-
Make misspelling in your password
Iggor
Igariok
Tarrpan
Gromeara
Anndreii* Separate networks
WiFi Evil Twin
WiFi Evil Twin
Ewill twin attack
Tool fluxion
How to protect ?
Open WIFI
Open WIFI
- Park WIFI
- Cafe WIFI
- Hotels WIFI
- Airport WIFI
- University /School WIFI
- Operators WIFI
- etc...
How to find ?
Wiredriving
- WiGLE
- https://wigle.net
- WiGLE Android
Demo Wigle
wigle.net and tool mdk3
How to protect ?
Karma attack
How Karma attack work
Hey Internet FREE ?
Hey Park WIFI ?
Hey Star Kebab Free WIFI ?
Hey Internet gratis ?
Hey Restaurant Codru ?
Hey Guest WIFI ?
How Karma attack work
I am Internet FREE !
I am Park WIFI !
I am Star Kebab Free WIFI !
I am Internet gratis !
I am Restaurant Codru !
I am Guest WIFI !
Demo Mana toolkit
Tool mana toolkit
How to protect ?
At the end
- Use only WPA2
- Do not connect to open wifi
- Turn off WIFI card when you not use it
- Disable auto connect to WIFI networks
- Beware strange messages in browser
- Use VPN (buy or create your own)
I am a hacker !!!
"With great power comes great responsibility"
Questions ?
Contacts:
Facebook: Igor Tarpan
e-mail: hi@tigorv.com , itarpan@starlab.md
WiFi security self-defense
By Igor
WiFi security self-defense
- 387