Advanced Wi-Fi Penetration Testing



Advanced Wi-Fi Penetration Testing

Trainer: Vivek Ramachandran
Vivek has been involved in security research, product development, penetration testing and evangelism for over a decade now. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and introduced the concept of pure Wi-Fi based malware and worms. He is also the author of the book “Wireless Penetration Testing using BackTrack 5″ which has received great appreciation by the worldwide security and hacker community. His second book – “Metasploit Megaprimer ” is due for launch in February 2012.
 
Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. This year he is speaking or training at a number of security conferences, including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, C0C0n, SecurityZone, SecurityByte etc.

 

Description:
Wi-Fi has become ubiquitous in our lives today. However, the flexibility and mobility provided by Wi-Fi comes at a cost – inherent insecurity! This workshop will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide the participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools. We will start our journey with the very basics by dissecting WLAN packet headers with Wireshark, then graduate to the next level by cracking WEP, WPA/WPA2 and then move on to real life challenges like orchestrating Man-in-the-Middle attacks, creating Wi-Fi Backdoors and solving some live CTF style challenges together!
 

Course Content:

A non-exhaustive list of topics include:
Wireless LAN Basics:

  • 802.11 WLAN Packet Types and Headers
  • WLAN Authentication and Encryption
  • Wireless Lab Setup
  • Analyzing Wireless Traffic with Wireshark
  • Wireless Sniffing and War Driving
  • Bypassing WLAN Authentication
  • Shared Key Authentication
  • Hidden SSID
  • Mac Address Filtering
    • Breaking WLAN Encryption:
  • WEP
  • WPA/WPA2 Personal
  • WPA/WPA2 Enterprise
    • Different Scenarios for Cracking:
  • AP-less Cracking
  • Client-less Cracking
    • Attacking the WLAN Infrastructure:
  • Network discovery and enumeration
  • Misconfigured Access Points
  • Rogue Devices
  • Evil Twins
  • Denial of Service attacks
  • Replay Attacks
  • Man-in-the-middle attacks
    • Attacking the Wireless Client:
  • Mis-Association attacks
  • Denial of Service attacks
  • Ad-Hoc network attacks and Viral SSIDs
  • Honeypot attacks
  • Hotspot attacks
  • Caffe Latte attack
  • Fragmentation Attacks
  • Hirte attack
  • Viral SSIDs and Ad-Hoc network attacks
  • Wi-Fishing
  • Enumerating security settings
    • Hacking Enterprise Security:
  • 802.1x basics
  • Hacking 802.1x authentication
  • RADIUS, EAP, LEAP, PEAP attacks
  • Rogue Servers
    • Advanced Wireless Attacks:
  • Wi-Fi Malware – Windows 7, Vista, XP, OSX, Linux
  • Breaking into the client with Metasploit and SET
  • SSL MITM over Wireless
  • Evading Wireless IDS/IPS
    • Scripting Wireless Tools:
  • Programming Wireless Injectors and Sniffers
  • Automating Wi-Fi attacks
  • Extending existing tools like Aircrack-NG for fun and profit
    • Wireless Forensics:
  • Analyzing Wi-Fi traffic
  • Attack analysis with Wireshark and other tools
  • Reconstructing attacks
    • Wireless best practices:
  • Access Points
  • Clients
  • Network Architecture
  • Wireless Intrusion Prevention systems
  • Roadmap for further study
    • Salient Features:
  • Over 25 hands on lab sessions for the participants
  • 5 pure Wi-Fi CTF challenges during the training

    •  
    Course Material:
  • Full course content slides
  • Over 10 hours of HD quality video lectures with hands-on demonstrations
  • Alfa Networks Wi-Fi Card
  • Backtrack 5 Wireless Penetration Testing Beginners Guide

    •  
    Prerequisites:
  • Wireless LAN basics
    •
  • Should know how to configure WLANs – access points and client
    •
  • Familiarity with Linux
    •
     

    Course Requirements:

  • Laptop with at least 4GB of free HD space and should have at least 2GB of RAM.
  • VMware workstation/player for Windows or Fusion for the Mac.
    •

    Participants will learn:

  • Basic to Advanced Wireless LAN security
  • Be able to audit wireless networks for security vulnerabilities
    •
  • Demonstrate different Wi-Fi attacks as Proof of Concepts
    •
  • Propose best practices to create a secure wireless network
    •


     
    Course Length & Location:
    Dates: September 25 & 26, 2012
    Meeting Time: 8:30 AM – 5:00 PM
    DeVos Place (Room TBA) 303 Monroe Ave. Grand Rapids, MI 49503
     

    Registration:

    Price $1,500, Includes GA ticket for GrrCON      
     
    Registration is CLOSED