Detecting vulnerabilities in the WLAN with Wifislax
Overview
Many analysis programs, such as the Angry IP scanner, Etherape, Iptraf, the Net Activity Viewer, Wireshark, and Zenmap, are available in the Wifislax | Network Tools menu to give you an overview of your network.
These tools not only graphically visualize the local network but also provide the first indications of malicious or unusual traffic. With the well-known sniffing tool Ettercap, you can also record data transmissions, including insecure passwords on the internal network.
The Hping3, Mdk3, and Yersinia programs reveal weak spots in firewalls, clients, servers or routers using data flooding technologies. Yersinia also exploits known vulnerabilities in different network protocols to detect configuration deficits.
Applications such as Medusa and Hydra are dedicated to securing passwords and authentication mechanisms. Using dictionary attacks, these tools try to decrypt passwords, although Medusa primarily concentrates on the WLAN router. However, most programs from this group only work if you switch the computer's WLAN card to monitor mode. You can do this at the command line with the command airmon-ng: Without any parameters, it shows the WLAN card's current status. Then – if the WLAN adapter is not yet in monitor mode – enter the command airmon-ng start <Adapter> (Figure 3).
You will also find tools that use a dictionary attack in the Decrypters menu. The menu assigns the tools to country-specific groups and also takes special hardware into account. For example, special scripts are available for providers Alice and Vodafone; they target the routers supplied by these providers, sounding them out for security vulnerabilities. The scripts that examine WLAN routers from manufacturers such as D-Link or TP-Link for gaps in the authentication are more neutral in their approach.
Additionally, other tools work independently of manufacturer and device. You can find these tools in the Suite aircrack-ng, Wireless, and Wpa submenus. The Aircrack suite offers extensive opportunities for sniffing data traffic on a WLAN; it can also extract WEP, WPA, and WPA2 keys from the WLAN using brute-force and dictionary attacks. Also, tools in the Aircrack suite can decrypt data streams that have been "secured" using a WEP or WPA key, provided that the associated key is known.
The Wireless and Wpa menu groups offer additional analysis tools, which are again a mixture of command-based programs and tools with a graphical user interface. The focus of these utilities is also on finding and testing WLAN networks.
Lesser-known software, such as Wifi Metropolis, Minidwep-gtk (Figure 4), and GOYscript, are included, as well as the standard WLAN sniffer Kismet. The Wpa menu also includes several programs for recording WPA handshakes, such as Autohs GUI, coWPAtty, or HandShaker.
Many newer devices are integrated into a WLAN using WPS (WiFi Protected Setup), without cumbersome key acquisition. Authentication is usually performed using a PIN. This method has serious security vulnerabilities. Wifislax developers implemented their own Wpa wps submenu in order to detect the weak points on the WLAN. The Wpa wps submenu contains software that is suitable for detecting WPS-enabled devices on the WLAN, testing existing keys, and also generating PIN codes.
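Detecting WPS-enabled devices, as mentioned above, comes down to reading the WPS information element that an access point advertises in its beacons. The following Python example is added here and is not part of the article or of Wifislax; it parses that element to audit your own access points, and its function names and the constructed sample bytes are assumptions made for illustration.

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor OUI 00:50:F2, type 4 = WPS
ATTR_STATE, ATTR_AP_SETUP_LOCKED = 0x1044, 0x1057  # WPS attribute IDs
STATE_NAMES = {1: "not configured", 2: "configured"}

# Constructed tagged parameters: SSID "HomeLAN" plus one vendor element each.
SAMPLE_WPS_ON = bytes.fromhex("0007486f6d654c414e" "dd0e0050f204104a0001101044000102")
SAMPLE_WPS_LOCKED = bytes.fromhex(
    "0007486f6d654c414e" "dd130050f204104a00011010440001021057000101")
SAMPLE_NO_WPS = bytes.fromhex("0007486f6d654c414e" "dd070050f202000100")

def iter_ies(blob):
    """Yield (element_id, body) for each 802.11 information element."""
    pos = 0
    while pos < len(blob):
        if pos + 2 > len(blob) or pos + 2 + blob[pos + 1] > len(blob):
            raise ValueError("truncated information element")
        length = blob[pos + 1]
        yield blob[pos], blob[pos + 2:pos + 2 + length]
        pos += 2 + length

def parse_wps_attrs(data):
    """Parse WPS TLVs: 2-byte type, 2-byte length (big-endian), then value."""
    attrs, pos = {}, 0
    while pos < len(data):
        if pos + 4 > len(data):
            raise ValueError("truncated WPS attribute header")
        atype, alen = struct.unpack_from(">HH", data, pos)
        if pos + 4 + alen > len(data):
            raise ValueError("truncated WPS attribute value")
        attrs[atype] = data[pos + 4:pos + 4 + alen]
        pos += 4 + alen
    return attrs

def audit_wps(tagged_params):
    """Summarize the WPS element of one AP, or return None if it has none."""
    for eid, body in iter_ies(tagged_params):
        if eid == 221 and body.startswith(WPS_OUI_TYPE):  # 221 = vendor specific
            attrs = parse_wps_attrs(body[4:])
            def flag(key):  # first byte of a one-byte attribute, 0 if absent
                value = attrs.get(key, b"")
                return value[0] if value else 0
            return {"state": STATE_NAMES.get(flag(ATTR_STATE), "unknown"),
                    "setup_locked": flag(ATTR_AP_SETUP_LOCKED) == 1}
    return None

if __name__ == "__main__":
    for name in ("SAMPLE_WPS_ON", "SAMPLE_WPS_LOCKED", "SAMPLE_NO_WPS"):
        print(name, audit_wps(globals()[name]))
```

An access point of your own that still advertises this element, and does not need WPS for onboarding devices, is a candidate for having WPS switched off in the router configuration.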
Additional Software
Wifislax may focus on network security, but it also provides several applications for data reconstruction. These include the Testdisk and Qphotorec programs in the System | Repair & Recover Tools menus. For forensic tasks under Wifislax | Forensics, you will also find some useful programs such as Dumpzilla and Grampus, which can be used for extracting metadata.
If you are missing an application, you can install it using the package management system. Wifislax uses Slackware package management and – in the form of Gslapt under System | Wifislax packets administrator – also provides a graphical interface for software installation that is strongly reminiscent of Synaptic. You will also find a converter that allows you to convert third-party packages to the XZM package format used by Slackware (Figure 5).
Conclusions
Wifislax offers a good selection of testing tools, which you can use to track security vulnerabilities quickly for virtually all common WLAN security application scenarios. In addition, the Wifislax distribution is also capable of data reconstruction. The cumbersome installation wizard and the incomplete localization of certain programs are both areas for improvement.