Ethical Hacking Lab

Computer Science

University of Michigan

Question Description

This lab requires a special Wireless USB NIC and a Kali machine with the NIC installed. Please make sure you have these before selecting the question. You can do this in a VM if you want. Below is an attachment of the actual lab and the walk through (Yes Walkthrough).

Unformatted Attachment Preview

IA445 Wi-Fi Hacking: WPA2PSK (Home Version)

Lab Setup:

Normally, the lab environment is already set up in Room 6. Since you will carry out this lab at home this time, you must set it up yourself with your own equipment. The correct setup is critical to the success of the lab.

1. A special wireless USB NIC and a Kali machine with the NIC installed: You must obtain a wireless NIC with a chipset that can do “rfmon” mode and is supported by Kali. This N I have been successfully using the following NIC for the in-class Wi-Fi lab. I purchased it from Amazon: . Other supported chipsets are possible, such as Atheros AR9271, Ralink RT3070, Ralink RT3572, Realtek 8187L (Wireless G adapters), Realtek RTL8812AU, Ralink RT5370N. You might already have a wireless NIC that comes with one of these chipsets. You can find more details at this website:

2. The “Victim” Network: You should pick a wireless network with WPA2PSK enabled, and you must already know the passphrase of the network. Ideally, the AP should be one you own. You will not break anything. Instead, you will only test capturing and cracking the 4-way handshake. You should NOT test with a WPA-PSK wireless network that you are not authorized to access.

3. The “Victim” Client: The “victim” network must have at least one wireless client connected to it. This client could be your cell phone or any mobile device using this wireless network.

Your lab starts here:

The Attacker: A Kali VM with the required wireless USB NIC installed.

*Note: For some Kali versions, the NIC might be “hardware blocked” by VMware. If this happens, please use a physical machine or an earlier version of Kali instead. Please refer to the appendix for instructions on installing the USB wireless NIC in the VM. Make sure you assign more than 2G of memory to your Kali VM.

Step 1: Check NIC compatibility

In the Kali command line, type in the following:

    airmon-ng

Make sure the NIC is listed; note the interface name (e.g. “wlan0”).

Step 2: Enable monitor mode on the NIC

Type in the following:

    airmon-ng start wlan0

The wlan0 interface is now in monitor mode. The monitoring interface has a new name such as “wlan0mon”.

*Note: You might need to run the following command to stop network managers and kill interfering processes before you can start monitor mode:

    airmon-ng check kill

Step 3: Discover Wi-Fi networks

• Type in the following:

    airodump-ng wlan0mon

• Let it run for a while. Then use “ctrl-c” to stop.
• Observe the output.

Please note: your target is the network whose SSID you know the passphrase of.

** Take a screenshot for documentation. Write down the channel number, the SSID, and the BSSID of the victim AP. You will need this information in the next step.

Step 4: Capture the 4-way handshake packets

Type in the following:

    airodump-ng --channel n --bssid xx:xx:xx:xx:xx:xx --write wpapsk wlan0mon

(Replace n and xx:xx:xx:xx:xx:xx with the information you wrote down in the previous step.)

!! ATTENTION !! For some Kali versions, you may need to use the --ignore-negative-one option. Your command to capture the 4-way handshake should then be as follows:

    airodump-ng --ignore-negative-one --channel n --bssid xx:xx:xx:xx:xx:xx --write wpapsk wlan0mon

Wait until airodump indicates at the upper-right corner that it has captured the four-way handshake. Use “ctrl-c” to stop.

** Take a screenshot for the report.

Step 4a: De-authentication attack as assistance to Step 4 (You might not need this step. Can you tell why?)

Open another CLI window and type in the following:

    aireplay-ng --deauth 2 -a xx:xx:xx:xx:xx:xx -c yy:yy:yy:yy:yy:yy wlan0mon

xx:xx:xx:xx:xx:xx is the MAC address of the wireless AP. yy:yy:yy:yy:yy:yy is the MAC address of the wireless NIC on the second lab machine.

Step 5: Crack the WPA-PSK key using a dictionary attack

Password.lst is a list of possible passwords. If you have a good password file, you have a better chance of cracking the WPA-PSK key. You may find a password list under /usr/share/wordlists/rockyou.txt.gz (Note: Use gzip -d to unzip a .gz file).

To crack the WPA-PSK key, type in the following:

    aircrack-ng -w /usr/share/wordlists/rockyou.txt wpapsk-01.cap

Note: In case you fail in your attempt to crack the key, you may need to stage your password file and complete this lab.

Observe the output.

** Take a screenshot for the report.

Appendix: Steps to set up the NIC in the Kali VM

1. First, you need to install the Alfa AWUS036H NIC correctly in the host system (Windows 7). Use the driver CD that came in the box or download the driver from the product support website. Note: You don’t need to reboot the machine.

2. Second, you need to mount this NIC in the Kali VM: Under the “VM” menu, connect the “removable device”. See below. Accept the warning message regarding “unplugging from the host”. See below. ...
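
Why Step 5 works offline, as an added example that is not part of the original lab: WPA2-PSK derives the pairwise master key (PMK) from only the passphrase and the SSID, so once a handshake is captured each wordlist guess can be checked without the AP. The sketch below audits your own AP's passphrase against a wordlist; the `audit` helper, the sample wordlist, the SSID "HomeLab" and the guess rate are assumptions constructed for illustration.

```python
import hashlib

# Constructed stand-in for a wordlist such as rockyou.txt (not real data).
SAMPLE_WORDLIST = ["123456", "password", "iloveyou", "sunshine1",
                   "correct horse battery staple"]


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA2 passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def usable_candidates(wordlist):
    """Drop entries that can never be a WPA2 passphrase (wrong length)."""
    return [w for w in wordlist if 8 <= len(w) <= 63]


def audit(passphrase, ssid, wordlist, guesses_per_second):
    """Report how exposed your own AP's passphrase is to a wordlist run.

    guesses_per_second is an assumed figure supplied by the caller.
    """
    candidates = usable_candidates(wordlist)
    found = passphrase in candidates
    guesses = candidates.index(passphrase) + 1 if found else None
    return {
        "pmk": derive_pmk(passphrase, ssid).hex(),
        "candidates": len(candidates),
        "in_wordlist": found,
        "guesses_needed": guesses,
        "seconds_to_find": guesses / guesses_per_second if found else None,
    }


if __name__ == "__main__":
    # "HomeLab" and both passphrases are constructed sample values.
    for secret in ("iloveyou", "Vq7#mLz2pXw9-rT4"):
        report = audit(secret, "HomeLab", SAMPLE_WORDLIST, guesses_per_second=1000)
        print(secret, report["in_wordlist"], report["seconds_to_find"])
```

Because the SSID is the salt, the same passphrase produces a different PMK on a differently named network, and a long passphrase that appears in no wordlist is what makes Step 5 fail.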

This question has not been answered.
