We present you the new issue of Hakin9 Magazine! This time we decided to focus on one of the most popular topics out there - Wireless Hacking.
As always we prepared for you a few github projects related to the topic at hand. I hope that you will find them useful! Most of articles this month are related to the main theme as well, for example you will have a chance to learn all about Aircrack-ng by Anthony Caldwell - he prepared a simple and informative guide dedicated to this tool. Carlos Manzo Trujillo will teach you how to use wireless techniques to hack drones. For those of you that are just starting out with wireless hacking, Uche Akajiuba will show you how hack WPA2-PSK with Kali Linux. You don’t want to miss it!
To take a break from wireless topics, Sumit Kumar Soni presents System Hardening tools and tips for Windows and Linux. Samrat Das wrote about CASB, if you don’t know what it is, now it’s your chance to find out more about this fascinating topic.
We appreciate your feedback at all times, so if you have any comments or suggestions, do let us know! You can find us on social media, or write us an email - everyone’s welcome!
Enjoy the issue,
Github Corner Wireless Hacking Edition
“We created URH to be both, powerful and easy to use” - interview with Johannes Pohl and Andreas Noack creators of Universal Radio Hacker
by Marta Sienicka and Marta Strzelec
The Development of Displaying SSL Certificates in a Browser
by Jindrich Zechmeister
Displaying an SSL certificate in a browser is one of the aspects of using the internet. This originally unremarkable problem has gradually become a big topic, which affects not only security, but marketing as well. Let us look at how displaying SSL certificates in browsers has developed. You might be surprised how often this changes and how much it has deviated from its original purpose.
IMSI Catching Over WIFI Networks: Exposing WIFI-Offloading
by Loay Abdelrazek
IMSI (International Mobile Subscriber Identity) catchers have been widely known in 3G mobile networks as a malicious device to intercept and eavesdrop mobile traffic and tracking users, considered a type of man-in-the-middle attacks. This type of attack has been aroused in wifi networks as well.
Python - Practice and functionality
by Omar Ahmed
In this article, we will try to shed light on some of the Python advantages and functionality. We will divide the article into two parts; the first part will discuss the practical use of Python to perform Wi-Fi attacks, the second part will use Python to perform Exploit Development. I will try to explain everything in detail. But to be honest, you should be aware of some things so that you do not miss anything.
CASB - Cloud Access Security Broker
by Samrat Das
This article aims to bring forward a concise knowledge for those people who are interested to learn about the latest trend of Cloud Broker Security. A Cloud Access Security Broker (CASB) is a set of new cloud security technologies that addresses the challenges posed by the use of cloud apps and services. They work as tools that sit between an organization's on-premises infrastructure and a cloud provider's infrastructure.
New hacking era: wireless hacking by drones
by Carlos Manzo Trujillo
This is a guide on defense, specifically the Parrot Bebop Drone – once pulled out of the box, it has no encryption or authentication methods, thus it leaves the drone susceptible to wireless hacking. Remember, if the drone is updated then certain security functions may be changed.
by Pprasoon Nigam
Cracking of wireless networks is the defeating of security devices in wireless local-area networks. Wireless local-area networks (WLANs), also called Wi-Fi networks, are inherently vulnerable to security lapses that wired networks are exempt from.
Wireless Hacking with Aircrack-ng
by Anthony Caldwell
Given our increasing need to stay connected via social media, email and, therefore, have access to the Internet, the availability of free, open WiFi access points in institutions, shops and in some areas, city-wide access points has become the norm. We don’t give a second thought to accessing a free WiFi spot in a coffee shop or otherwise since it enables us to maintain access. But, what about our home? While you may have followed our best advice to select a password for your router, implemented WPA/WPA2 encryption, it is possible, with help, to access these also. In this article, we outline the use of a tool called ‘Aircrack-ng’ used by security professionals to access secured WiFi.
Hacking WPA2-PSK With Kali Linux
by Uche Akajiuba
A wireless network is a network that uses radio waves to connect computers and other like devices together. The implementation is done at the physical layer (Layer1) of the OSI model. WPA2 (Wi-Fi Protected Access) is a wireless security protocol that makes use of AES encryption and CCMP, a TKIP replacement. It is stronger than the other wireless security protocols (WEP, WPA).
System Hardening Tools and Tips
by Sumit Kumar Soni
In the tug of war between attacker and defenders, defenders need to secure the complete attack surface. In general, the attack surface is comprised of all possible entry points for an attacker. While the defenders or your system administrators need to mitigate every single existing attack vector, the attackers need to find just one single unprotected vector.
Emulating Firmware for Blind Command Injection
by Nitesh Malviya
In this article, we will be learning how to emulate a firmware for exploiting Blind Command Injection vulnerability in the Netgear firmware. Let’s start. The article has been divided in two parts: First Part – Firmware emulation and Second Part – Exploiting command Injection