Wireless Based Vulnerabilities Flashcards
1
Q
Evil Twin (Wireless Vulnerability)
A
- rogue access point that appears to be legitimate, but is set up to eavesdrop on wireless communications
- Karma Attack (Karma Attacks Radio Machines Automatically) - type of evil twin attack; devices listen for SSID requests and respond as if they were the legitimate access point
2
Q
Deauthentication attack (Wireless Vulnerability)
A
- type of denial of service attack that targets communication between a user and a WAP; disconnects the target device to recapture authentication
3
Q
Fragmentation Attack (Wireless Vulnerability)
A
- network exploited by use of datagram fragmentation mechanisms; a small amount of keying material is obtained from the packet, then the attacker attempts to send ARP or LLC packets with known content to the AP
- if the packets are echoed back by the AP, a larger amount of keying information can be obtained from the returned packet
4
Q
Credential Harvesting (Wireless Vulnerability)
A
- focuses on collecting usernames and passwords, usually performed by use of a fake captive portal (ESPortalV2)
5
Q
WPS Implementation Attacks (Wireless Vulnerability)
A
- WPS uses a push button and an 8-digit WPS PIN for config; easily brute forced because the PIN is authenticated by breaking it in two
6
Q
Bluetooth Attacks (Wireless Vulnerability)
A
- Bluejacking - sending unsolicited messages over BT to BT-enabled devices
- Bluesnarfing - theft of information from a wireless device through BT
7
Q
RFID Cloning (Wireless Vulnerability)
A
- capturing the RF signal from a badge for copy and reuse
8
Q
Jamming (Wireless Vulnerability)
A
- wireless DoS attack that prevents devices from communicating with each other by occupying the frequency
9
Q
Repeating (Wireless Vulnerability)
A
- used to capture an existing wireless signal and rebroadcast it to extend range; can be an attack vector if not properly configured
10
Q
Fake Cell Phone Towers (Wireless Vulnerability)
A
- used to capture the IMSI (Subscriber ID) number, can be used to create MITM