Knowledge Base for Penetration Testing
By default, domain joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture a MSCHAPv2 […]
WLAN basics Frequency / bands / Channels Overlapping channels for 2.4 GHz Non Overlapping channels for 2.4 GHz (to avoid interferences) with channel bonding Signal and attenuation 2.4GHz VS 5GHz –> The higher the frequency of a wireless signal the shorter the range.–> 2.4GHz (802.11g) covers a substantial larger range than that of 5.0GHz (802.11a)–> […]
Wireless Access Point Attacks A wireless access point (WAP) enables wireless devices to connect to a local network, typically using the Wi-Fi protocol. Because a WAP is an entry point into a network, and transmits data over the air to other devices, it is a worthwhile target to dedicate resources to for testing. A WAP’s […]
by