EXPLOITING THE

WIRELESS
VULNERABILITIES
Anjana Mohan
Anjali Rajalekshmi Pillai
Winliya Jewel Sunny
 Introduction

 In our modern environment, wireless networks are becoming increasingly dominant. The most significant
impact is on communication and connectivity. From homes to businesses, Wi-Fi networks provide seamless
connectivity. In addition to providing comfort, these networks often pose security risks.

 Nowadays, almost everyone has an internet-connected device. As the number of these devices rises, a
security strategy is essential to minimize their potential for exploitation.

 Using these technologies becomes increasingly necessary, and you must be aware of their vulnerabilities
and take proactive measures to secure them.
 Wireless Network Hacking

■ The term "wireless network hacking" refers to an unauthorized, malicious intrusion into a wireless
network to access or intercept sensitive information. This involves exploiting security protocols,
configurations, or hardware flaws to compromise the network's integrity, confidentiality, and availability.

■ Wireless network hacking can have serious consequences, such as illegal access to private information,
identity theft, financial damage, and negative publicity for a business. To prevent wireless network
hacking, it is essential to implement strong security measures, conduct regular vulnerability assessments,
and stay informed about emerging threats.
 Wireless Network Risks
 Piggybacking
If you fail to secure your wireless network, anyone with a wireless-enabled computer in range of your access
point can use your connection. A typical indoor access point's broadcast range is between 150 and 300 feet.
Outdoors, this range may extend as far as 1,000 feet.

 Evil Twin Attacks

Evil twin attacks involve impersonating a public network access point. Unsuspecting users connect to the
adversary's signal instead of the legitimate access point. An attacker can read any data sent over the internet
through the victim's connection using specialized tools.

 Wireless Sniffing
Numerous open access points lack security, and the data they transmit is not encrypted. This could endanger
your private communications or transactions.
 Vulnerability

■ Vulnerability can be defined as an issue in the software code that a hacker can exploit to harm the
systems. It can be a gap in implementing cybersecurity procedures or a weakness in the controls.
■ Once vulnerabilities have been identified in wireless networks, hackers can exploit them to gain
unauthorized access to the network.
 Vulnerability Examples

The vulnerability exists in every industry

1. Unauthorized network access by hackers due to a weak Firewall
2. Cracking of Wi-Fi Passwords
3. Exposure of sensitive data due to lack of application security
 Credit card data, Health Records
4. Security misconfiguration
 Misconfiguration of passwords
5. Insecure cryptographic storage
 Main Types of Vulnerabilities
There are 4 main vulnerabilities:
 Faulty defenses – Poor defense measures pave the way for easy intrusion by hackers. This may
be due to weak authentication, authorization, and encryption.
 Resource management not adequate –The chances of buffer overflow and the potential to have
many vulnerabilities are more significant when there is inadequate resource management.
 Insecure connections – If the connection between the system, application, and networks is
insecure, there is a higher probability of many threats like SQL injection.
 End user errors and misuse – In many cases, the errors are caused by humans and system
misuse.
 Vulnerability Assessment
 Network-Based Scans
To identify network vulnerabilities. This scan helps to find the vulnerable systems in the wired and wireless
networks.
 Host Based Scans
This scan is to identify vulnerabilities in the ports, configuration, server workstations, other hosts, and patch
history.
 Wireless Network Scans
Complete scan on wireless networks to find the vulnerabilities.
 Application Scans
To test all portals and mobile applications for vulnerabilities.
 Database Scans
To scan all the databases for potential vulnerabilities.
 Model of Vulnerabilities in Ethical Hacking

1. Firewall model
 Insider attacks - A Perimeter firewall should be decided, and this can take care of the
external attacks
 Missed security patches
 When the patch management of the firewall has not happened
 Configuration issues
 If there are faults in the configuration of the firewall
 DDOS attacks
 Only allow legitimate traffic to avoid these attacks
2. Password Model
To crack the password the hacker uses any of the following – Dictionary, Hybrid model,
and Brute force
 Model of Vulnerabilities in Ethical Hacking

3. Logical Bombing
This usually happens when the hacker uses malicious code to inject the web application
or the cloud infrastructure.

4. Web Hijacking
This happens when an unauthorized user tries to access the application bypassing the
authorization mechanism.
 Exploiting Vulnerabilities in Wireless
Networks
■ Techniques used by hackers to exploit wireless network vulnerabilities
» Hackers can exploit wireless network vulnerabilities by cracking encryption keys, spoofing MAC addresses,
and exploiting configuration vulnerabilities.
» For example, the AirCrack-NG tool is one of the tools hackers use to exploit weak encryption by capturing and
analyzing wireless network traffic.
» Spoofing MAC addresses is also a way to bypass authentication measures on wireless networks.
» In addition, hackers can exploit configuration vulnerabilities, including default passwords or failing to update
firmware and software patches.
■ Real-world examples of wireless network vulnerabilities
» A high-profile example is the WPA2 KRACK vulnerability in 2017. In this vulnerability, attackers could
intercept and decrypt wireless traffic, compromising sensitive information.
» Another example is the Mirai botnet, which exploited poor configuration vulnerabilities in IoT devices to
launch DDoS attacks. In this attack, attackers gained control of vulnerable IoT devices by using default
usernames and passwords.
 Countermeasures for Preventing Wireless
Network Hacks
 Conducting a Vulnerability Assessment
Conducting a thorough vulnerability assessment helps you identify and address vulnerabilities in wireless networks.
 Wi-Fi Hacking Techniques
A common hacking technique is password cracking, where attackers exploit weak, easy-to-guess passwords to break into
networks. Minimize the risk by changing the default passwords to strong ones.
 Network Penetration Testing
It is essential to perform network penetration testing to mimic actual attacks and evaluate the security posture of wireless
networks. The steps include planning, scouting, enumeration, scanning, exploitation, obtaining access, post-exploitation
analysis, and reporting.
 Mitigation and Best Practices
Effective mitigation mechanisms and best practices must be used to protect wireless networks from potential threats. First,
use strong encryption and authentication, regularly update and patch systems, and correctly configure wireless devices and
access points.
 Conclusion
 The security of wireless networks has become one of the most important things in today's digital world.
Keeping your wireless networks secure begins with understanding the vulnerabilities and dangers they
pose.
 Performing regular vulnerability assessments and penetration tests and putting everyone's feedback into
practice will ensure you are not at risk.
 The process of defending against network vulnerabilities requires constant assessment, monitoring, and
adaptation.
 Keeping an eye on your wireless networks and taking proactive security measures can ensure
availability, integrity, and confidentiality, and defending against hackers becomes easy.