Back in studio with Shannon this week. Darren has answers to your WiFi deauthorization attack questions and a demo of a nifty deuth watching script. Shannon’s all about free and open source alternatives to online backup services like Backupify. Can these tools keep your cloud data secure?

Download HD Download MP4 Download XviD Download WMV

Deauthorization Attacks explained (with demo)

This week we’re answering viewer questions regarding last week’s wireless deauthorization attacks.

How does Deauth work if a client connected to an AP using encryption?
-Mark B

The answer lies in the fact that 802.11b/a/n/g management frames, special packets used to establish and maintain communications, are all sent unencrypted. These include:

  • Authentication
  • Association request
  • Association response
  • Reassociation request
  • Reassociation response
  • Beacon
  • Probe request
  • Probe response
    • And finally our favorite…

      • Deauthentication

      I was wondering how do I prevent the de authorize attacks and man-in-the-middle attacks on my laptop or computer
      -Test Account

      Short of rewriting your wireless radio’s firmware to ignore deauthorization packets I’m at a loss when it comes to preventing the attack. If you know of a way please get in touch. That said, deauth attacks are quite simple to detect.

      Viewer Tinman2k wrote in with a simple python script that uses airmon-ng and scappy to scan for associations, authentications and deauthentications.

      You’ll need to begin by placing your card into monitor mode. For example: airmon-ng wlan0 start. Then pass your monitor interface to readAuthDeauth.py

      #!/usr/bin/env python
      
      ######################################################
      #	authWatch.py v. 0.1 (Quick, Dirty and Loud) - by TinMan
      #	Place card in monitor mode and set the channel. 
      #	If you want channel hopping, run airodump-ng in 
      #	another terminal. Will add channel hopping 
      # 	in the next version. 
      ######################################################	
      #
      #	Usage: python authWatch.py 
      #	
      
      import sys
      from scapy import *
      
      interface = sys.argv[1]
      
      def sniffReq(p):
           if p.haslayer(Dot11Deauth):
      # Look for a deauth packet and print the AP BSSID, Client BSSID and the reason for the deauth.
                 print p.sprintf("Deauth Found from AP [%Dot11.addr2%] Client [%Dot11.addr1%], Reason [%Dot11Deauth.reason%]")
      # Look for an association request packet and print the Station BSSID, Client BSSID, AP info.
           if p.haslayer(Dot11AssoReq):
                 print p.sprintf("Association request from Station [%Dot11.addr1%], Client [%Dot11.addr2%], AP [%Dot11Elt.info%]")
      # Look for an authentication packet and print the Client and AP BSSID
      		   if p.haslayer(Dot11Auth):
      	   print p.sprintf("Authentication Request from [%Dot11.addr1%] to AP [%Dot11.addr2%]")
       	   print p.sprintf("------------------------------------------------------------------------------------------")
      sniff(iface=interface,prn=sniffReq)
      

      Backing up your Cloud Data

      One of these day the monkeys will rise up and conquer the net as we know it. That’s why having good backups of your online data is important. So rather than getting screwed when gmail, google docs, flickr, delicious, twitter and wordpress go down, let’s use free and open source software to make proper backups.

      Online services like Backupify make it easy to backup your cloud data — but it’s just from one cloud to another (Amazon S3). If you’d like a local copy of your data check out these programs

      Episode 706 – Deauth Detection and Cloud Data Backups

27 Comments

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>