BackTrack 5 Wireless Penetration Testing
Wireless Lab Setup
"If I had eight hours to chop down a tree, I'd spend six hours sharpening my axe."
Abraham Lincoln, 16th US President
Behind every successful execution are hours or days of preparation, and wireless penetration testing is no exception. In this chapter, we will create a wireless lab that we will use for our experiments in this book. Consider this lab your preparation arena before you dive into real-world penetration testing!
Wireless penetration testing is a practical subject, and it is important to first set up a lab where we can try out all the different experiments in this book in a safe and controlled environment. Set up this lab before proceeding further in this book.
In this chapter, we shall look at the following:
Hardware and software requirements
BackTrack 5 installation
Setting up an access point and configuring it
Installing the wireless card
Testing connectivity between the laptop and the access point
So let the games begin!
Hardware requirements
We will need the following hardware to set up the wireless lab:
Two laptops with internal Wi-Fi cards: We will use one of the laptops as the victim
in our lab and the other as the penetration tester's laptop. Though almost any
laptop would fit this profile, laptops with at least 3 GB RAM are desirable. This is
because we may be running a lot of memory-intensive software in our experiments.
One Alfa wireless adapter: We need a USB Wi-Fi card that can support packet injection
and packet sniffing, and that is supported by BackTrack. The best choice seems to be
the Alfa AWUS036H card from Alfa Networks as BackTrack supports this out-of-the-box.
This is available on Amazon.com for a retail price of $34 at the time of writing.
One access point: Any access point which supports WEP/WPA/WPA2 encryption
standards would fit the bill. I will be using a D-LINK DIR-615 Wireless N Router for
the purpose of illustration in this entire book. You can purchase it from Amazon.com
where it is retailing at around $35 at the time of writing.
An Internet connection: This will come in handy to perform research, download
software, and for some of our experiments.
Software requirements
We will need the following software to set up the wireless lab:
BackTrack 5: BackTrack can be downloaded from their official website located at
http://www.backtrack-linux.org. The software is open source and you
should be able to download it directly from the website.
Windows XP/Vista/7: You will need any one of Windows XP, Windows Vista, or
Windows 7 installed in one of the laptops. This laptop will be used as the victim
machine for the rest of the book.
It is important to note that even though we are using a Windows-based OS for our tests, the
techniques learnt can be applied to any Wi-Fi capable devices such as Smart Phones and
Tablets, among others.
Installing BackTrack
Let us now quickly look at how to get up and running with BackTrack.
BackTrack will be installed on the laptop which will serve as the penetration tester's machine
for the rest of the book.
Time for action – installing BackTrack
BackTrack is relatively simple to install. We will run BackTrack by booting it as a Live DVD and
then install it on the hard drive.
Perform the following instructions step-by-step:
1. Burn the BackTrack ISO (we are using the BackTrack 5 KDE 32-Bit edition) that you
have downloaded into a bootable DVD.
2. Boot the laptop with this DVD and select the option BackTrack Text – Default Boot
Text Mode from the boot menu:
3. If booting was successful then you should see the familiar BackTrack screen:
4. You can boot into the graphical mode by entering startx on the command prompt.
Enjoy the boot music! Once you are in the GUI, your screen should resemble
the following:
5. Now click on the Install BackTrack icon to the top-left of the desktop. This will
launch the BackTrack installer as shown next:
6. This installer is similar to the GUI-based installers of most Linux systems and should
be simple to follow. Select the appropriate options in each screen and start the
installation process. Once the installation is done, restart the machine as prompted,
and remove the DVD.
7. Once the machine restarts, it will present you with a login screen. Type in the login
as "root" and password as "toor". You should now be logged into your installed
version of BackTrack. Congratulations!
I will be changing the desktop theme and some settings for this book. Feel free to use your
own themes and color settings!
What just happened?
We have successfully installed BackTrack on the laptop! We will use this laptop as the
penetration tester's laptop for all other experiments in this book.
Have a go hero – installing BackTrack on Virtual Box
We can also install BackTrack within virtualization software such as Virtual Box. For readers
who might not want to dedicate a full laptop to BackTrack, this is the best option. The
installation process of BackTrack in Virtual Box is exactly the same. The only difference is the
pre-setup, which you will have to create in Virtual Box. Have a go at it! You can download
Virtual Box from http://www.virtualbox.org.
One of the other ways we can install and use BackTrack is via USB drives. This is particularly
useful if you do not want to install on the hard drive but still want to store persistent data on
your BackTrack instance, such as scripts and new tools. We would encourage you to try this
out as well!
Setting up the access point
Now we will set up the access point. As mentioned earlier, we will be using the D-LINK
DIR-615 Wireless N Router for all the experiments in this book. However, feel free to use any
other access point. The basic principles of operation and usage remain the same.
Time for action – configuring the access point
Let us begin! We will set the access point up to use Open Authentication with an SSID of
"Wireless Lab".
Follow these instructions step-by-step:
1. Power on the access point and use an Ethernet cable to connect your laptop to one
of the access point's Ethernet ports.
2. Enter the IP address of the access point configuration terminal in your browser. For
the DIR-615, the manual gives it as 192.168.0.1. You should consult your
access point's setup guide to find its IP address. If you do not have the manuals
for the access point, you can also find the IP address by running the route -n
command. The gateway IP address is typically the access point's IP. Once you are
connected, you should see a configuration portal which looks like this:
3. Explore the various settings in the portal after logging in and find the settings related
to configuring a new SSID.
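
Reading the gateway out of route -n output, as described in step 2, shown here as an added example that is not part of the book. The function name default_gateway, the interface names, and the sample routing table are assumptions constructed for illustration; the sample includes a second uplink to show why the wired interface to the access point should be selected explicitly.

```shell
#!/bin/sh
# Constructed sample of `route -n` output (not captured from a real host).
# eth0 is the wired link to the lab access point; wlan0 is an unrelated uplink.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.10.0.1       0.0.0.0         UG    600    0        0 wlan0
0.0.0.0         192.168.0.1     0.0.0.0         UG    100    0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.10.0.0       0.0.0.0         255.255.255.0   U     0      0        0 wlan0'

# default_gateway [IFACE]   (hypothetical helper name)
# Reads `route -n` text on stdin and prints the gateway of the default route:
# Destination 0.0.0.0, Genmask 0.0.0.0, Flags containing G.
# With IFACE given, only routes on that interface are considered.
# When several default routes match, the one with the lowest metric wins.
# Exits non-zero when no default route matches.
default_gateway() {
    awk -v want="${1:-}" '
        $1 == "0.0.0.0" && $3 == "0.0.0.0" && $4 ~ /G/ &&
        (want == "" || $8 == want) {
            if (best == "" || $5 + 0 < metric) { best = $2; metric = $5 + 0 }
        }
        END { if (best == "") exit 1; print best }
    '
}

# Stand-alone demo on the constructed sample: gateway on the wired interface.
printf '%s\n' "$SAMPLE_ROUTES" | default_gateway eth0
```

On the lab laptop, pipe the live table in instead: `route -n | default_gateway eth0`, replacing eth0 with the interface cabled to the access point.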