Wireless Hacking Tools
Figure 1 - Man in the Middle Attack
Figure 1 illustrates a man in the middle attack. The authorized user is tricked into connecting to the attacker's station instead of the AP. The attacker can then read or alter the messages exchanged between the authorized user and the AP in order to defeat the network's security.
AP phishing, or "Evil Twin", is a confidentiality attack in which the user is tricked into logging on to a fake AP, thereby handing their credentials to the attacker. Attackers set up these phony APs and create fake logon pages in the hope of collecting users' personal information, including credit card details. The user may also be coerced into downloading a series of trojan horses. These fake APs may also be used to launch man in the middle attacks.
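From the defender's side, an Evil Twin is usually visible before any client is fooled: a transmitter that is not in the site's AP inventory starts beaconing the organization's SSID, often with weaker security (an open network in place of WPA2-Enterprise) so that a captive "logon page" can be served. The following is an added example, not code from the original document; it assumes a constructed inventory of authorized BSSIDs and a constructed list of beacon observations of the kind a wireless IDS sensor or a monitor-mode capture would report.

```python
"""Rogue AP / "Evil Twin" detection over constructed beacon observations.

Added example, not taken from the original document. It assumes a site
inventory of authorized access points (BSSID -> SSID, security) and a list
of beacons as a wireless IDS sensor or a monitor-mode capture would report;
every address and SSID below is constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str       # transmitter MAC, lower-case
    channel: int
    security: str    # "OPEN", "WPA2-PSK", "WPA2-EAP", ...
    rssi: int        # signal strength seen by the sensor, in dBm


# Constructed inventory: BSSID -> (SSID it should beacon, expected security).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", "WPA2-EAP"),
    "00:11:22:33:44:02": ("CorpNet", "WPA2-EAP"),
    "00:11:22:33:44:03": ("CorpGuest", "OPEN"),
}


def classify(beacons, authorized=AUTHORIZED):
    """Return (severity, reason, beacon) findings for suspicious beacons.

    Rules:
      HIGH   - a BSSID not in the inventory advertises one of our SSIDs with
               weaker security than we deploy (classic credential-harvesting
               evil twin: the client sees a familiar name and an open login).
      MEDIUM - a BSSID not in the inventory advertises one of our SSIDs with
               matching security (possible evil twin or unmanaged AP).
      MEDIUM - an inventory BSSID beacons a different SSID or security than
               expected (misconfiguration, or our BSSID being spoofed).
    Foreign SSIDs are neighbours, not findings.
    """
    ours = {ssid: sec for ssid, sec in authorized.values()}
    findings = []
    for b in beacons:
        expected = authorized.get(b.bssid)
        if expected is None:
            if b.ssid not in ours:
                continue
            if b.security != ours[b.ssid]:
                findings.append(("HIGH", "unknown BSSID beacons our SSID with downgraded security", b))
            else:
                findings.append(("MEDIUM", "unknown BSSID beacons our SSID", b))
        elif (b.ssid, b.security) != expected:
            findings.append(("MEDIUM", "inventory BSSID deviates from expected SSID/security", b))
    return findings


# Constructed observations: one legitimate AP, two twins, one drifted AP,
# and an unrelated neighbour.
OBSERVED = [
    Beacon("CorpNet", "00:11:22:33:44:01", 6, "WPA2-EAP", -55),
    Beacon("CorpNet", "de:ad:be:ef:00:01", 6, "OPEN", -40),
    Beacon("CorpNet", "de:ad:be:ef:00:02", 11, "WPA2-EAP", -70),
    Beacon("CorpGuest", "00:11:22:33:44:03", 1, "WPA2-PSK", -60),
    Beacon("CoffeeShop", "aa:bb:cc:dd:ee:ff", 1, "OPEN", -80),
]

if __name__ == "__main__":
    for sev, why, b in classify(OBSERVED):
        print(f"{sev:6} {b.bssid} ch{b.channel:<2} {b.security:8} {b.rssi:4} dBm  {b.ssid}: {why}")
```

Run as a script it prints one line per finding; the open "CorpNet" twin at -40 dBm is the HIGH one. Signal strength is only reported here, but a twin that is consistently louder than the legitimate AP on the same channel is a further indicator that production sensors correlate, since the attacker wants clients to prefer it.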
There are a variety of confidentiality attacks, but they all share one goal: to gather a user's private information. One or more of them may be used together. They include eavesdropping (sniffing), man in the middle attacks, and AP phishing.
2.1 Confidentiality Attack Tools
For eavesdropping, a commonly used tool is Wireshark, formerly Ethereal. It is a basic sniffing program that displays all network traffic, both wired and wireless. It is a multi-platform, multi-protocol analyzer supporting hundreds of protocols. It includes support for 802.11 and Bluetooth and also includes decryption support for many popular security protocols, including IPsec, Internet Security Association and Key Management Protocol (ISAKMP), Kerberos, Secure Sockets Layer, Wired Equivalent Privacy (WEP), and Wi-Fi Protected Access (WPA)/WPA2.
Wireshark displays the captured data in an easy-to-read, easy-to-follow form. It also has many built-in filters, and users can design their own. These filters can be used to capture only specific data, such as traffic to or from a certain IP address, protocol, or port number.
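The filters mentioned above operate on fields a dissector has pulled out of each frame; a Wireshark display filter such as `ip.addr == 192.168.1.10 && tcp.port == 443` matches either direction of the address and either endpoint of the port. The following added example (not Wireshark's code and not from the original document) writes a small pcap file of constructed Ethernet/IPv4 frames, parses it back the way a dissector would, and applies that same filter logic, so a reader can see what the filter actually compares. Checksums are left at zero and all addresses are constructed.

```python
"""Minimal pcap writer/reader with Wireshark-style field filters.

Added example, not Wireshark's code. Builds constructed Ethernet/IPv4 frames
with zero checksums, stores them in the classic pcap format, dissects them
back into the field names Wireshark uses, and evaluates the equivalent of
`ip.addr == A && tcp && tcp.port == P`.
"""
import os
import socket
import struct
import tempfile

PCAP_GLOBAL = struct.Struct("<IHHiIII")   # magic, major, minor, zone, sigfigs, snaplen, linktype
PCAP_RECORD = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len
ETH_HDR = struct.Struct("!6s6sH")         # dst, src, ethertype
IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")  # ver/ihl, tos, len, id, frag, ttl, proto, csum, src, dst
TCP_HDR = struct.Struct("!HHIIBBHHH")     # sport, dport, seq, ack, offset, flags, win, csum, urg
UDP_HDR = struct.Struct("!HHHH")          # sport, dport, len, csum


def mac(s):
    return bytes.fromhex(s.replace(":", ""))


def build_frame(src_ip, dst_ip, proto, sport, dport, payload=b""):
    """Ethernet + IPv4 + TCP/UDP frame; constructed MACs, zero checksums."""
    if proto == "tcp":
        l4 = TCP_HDR.pack(sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
        proto_num = 6
    else:
        l4 = UDP_HDR.pack(sport, dport, UDP_HDR.size + len(payload), 0) + payload
        proto_num = 17
    ip = IPV4_HDR.pack(0x45, 0, IPV4_HDR.size + len(l4), 1, 0, 64, proto_num, 0,
                       socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + l4
    return ETH_HDR.pack(mac("66:77:88:99:aa:bb"), mac("00:11:22:33:44:55"), 0x0800) + ip


def write_pcap(path, frames):
    with open(path, "wb") as f:
        f.write(PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1))  # linktype 1 = Ethernet
        for i, fr in enumerate(frames):
            f.write(PCAP_RECORD.pack(1_000_000 + i, 0, len(fr), len(fr)))
            f.write(fr)


def dissect(frame):
    """Return the subset of Wireshark field names this example understands."""
    pkt = {"eth.type": ETH_HDR.unpack_from(frame)[2]}
    if pkt["eth.type"] != 0x0800:
        return pkt
    ip = IPV4_HDR.unpack_from(frame, ETH_HDR.size)
    ihl = (ip[0] & 0x0F) * 4
    pkt.update({"ip.proto": ip[6], "ip.src": socket.inet_ntoa(ip[8]), "ip.dst": socket.inet_ntoa(ip[9])})
    l4 = ETH_HDR.size + ihl
    if ip[6] == 6:
        sport, dport = TCP_HDR.unpack_from(frame, l4)[:2]
        pkt.update({"tcp.srcport": sport, "tcp.dstport": dport})
    elif ip[6] == 17:
        sport, dport = UDP_HDR.unpack_from(frame, l4)[:2]
        pkt.update({"udp.srcport": sport, "udp.dstport": dport})
    return pkt


def read_pcap(path):
    with open(path, "rb") as f:
        data = f.read()
    if PCAP_GLOBAL.unpack_from(data)[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian classic pcap is handled in this example")
    off = PCAP_GLOBAL.size
    while off < len(data):
        _, _, incl, _ = PCAP_RECORD.unpack_from(data, off)
        off += PCAP_RECORD.size
        yield dissect(data[off:off + incl])
        off += incl


def matches(pkt, ip_addr=None, proto=None, port=None):
    """`ip.addr == A && <proto> && <proto>.port == P`, any term optional."""
    if ip_addr and ip_addr not in (pkt.get("ip.src"), pkt.get("ip.dst")):
        return False
    if proto and pkt.get("ip.proto") != {"tcp": 6, "udp": 17}[proto]:
        return False
    if port is not None:
        p = proto or {6: "tcp", 17: "udp"}.get(pkt.get("ip.proto"))
        if p is None or port not in (pkt.get(f"{p}.srcport"), pkt.get(f"{p}.dstport")):
            return False
    return True


def demo():
    """Write four constructed frames, read them back, keep the HTTPS flow of one host."""
    frames = [
        build_frame("192.168.1.10", "10.0.0.1", "tcp", 51000, 443),
        build_frame("10.0.0.1", "192.168.1.10", "tcp", 443, 51000),
        build_frame("192.168.1.10", "10.0.0.53", "udp", 40000, 53),
        build_frame("192.168.1.20", "10.0.0.1", "tcp", 51001, 443),
    ]
    fd, path = tempfile.mkstemp(suffix=".pcap")
    os.close(fd)
    write_pcap(path, frames)
    selected = [p for p in read_pcap(path) if matches(p, ip_addr="192.168.1.10", proto="tcp", port=443)]
    os.unlink(path)
    return selected


if __name__ == "__main__":
    for p in demo():
        print(p["ip.src"], "->", p["ip.dst"], p["tcp.srcport"], "->", p["tcp.dstport"])
```

The pcap written by `write_pcap` opens in Wireshark itself, so the same filter string can be pasted into its display-filter bar to confirm that two of the four frames are selected. Wireshark distinguishes display filters (this field syntax, applied after capture) from capture filters (BPF syntax, applied by the capture driver so unwanted frames are never stored); the text above describes the latter use, and the field comparisons are the same in spirit.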
Figure 2 - Wireshark Screenshot
3 of 12
12/19/2007 5:16 PM