Week 1: Setting up a Wifi Attack station

Learning outcomes:

  • Learn about Wi-Fi system
  • Set up attacking equipment (Raspberry Pi, Kali Linux, Wireless adapter)
  • Getting familiar with the attacking equipment —> talk about Journeys - in prep for this course i have started linux, journey

I’ve divided the post into “Blue Team” and “Red Team” segments.

  • Blue Team refers to the defending team. In our case, it is our home wifi network.
  • Red Team refers to the attacking team. In this case, it is our attacker set up.

Blue Team

The Wi-Fi system

Name Trivia

Different names for Wi-Fi are “Wireless Local Area Network” (WLAN) and 802.11 (based on the IEEE technology standard)

The Wifi Environment

Home set up

A typical Wi-Fi set up is where the lan cable connects to the NBN box which connects to the router which acts as an Access Point to emit the Wireless signal for devices to send and receive.

Typical Wifi set up

A home internet set up typically looks like this:

NBN Box

Ignoring the million cables and separate devices, the key components to providing internet access is via the NBN Box and the Router.

  • The ISP (Optus, Telstra, TPG, iiNet etc) will provide a connection through to the NBN Box
  • The NBN Box will in turn provide the access to the Router
  • Finally, the Router provides the connection to any devices connected to it either through an ethernet cable or a wireless connection.

The router broadcasts and receives wifi signal.

Not directed. Anyone can pick up the signal.

31/08/22 Update:

Found an older modem router and connected it to the main router via LAN cable.

This allows us to create a separate access point for us to attack without messing with the rest of the household’s internet access.

Getting familiar with the admin console

Most modems are set up with an admin console for the owners to interact with the modem. Here is a screenshot of the TP-Link console.

On this page, it shows a variety of menus where the owner can modify configurations in both a “Basic” mode and an “Advanced” mode.

NBN Box

I will spend a lot of time on this console to set up the security configurations to prevent unauthorised access.

Red Team

Equipment

The computer - Raspberry Pi

Right now there’s a huge shortage due to the lack of production from the pandemic so the price of a RPi is sky high

https://amzn.asia/d/i7wWtCa

Borrowed a friend’s

My device of choice is Raspberry Pi as it is small, portable and cute. More importantly, it runs kali linux which is the software I need for my project. It is also easily flashed, so if I make any major errors I can restart all over again.

Pie crust case

https://www.raspberrypi.com/news/3d-printed-raspberry-pi-cases/

The OS - Kali Linux

Set up SSH

This way we don’t need to attach the Raspberry Pi to a monitor. We can use SSH to connect to the RPi via a terminal.

Set up Wifi

https://linuxconfig.org/how-to-enable-and-disable-wifi-on-kali-linux

Why did you pick Kali

Kali Linux is the go to tool for penetration testing and ethical hacking. This platform will allow me to apply the theoretical knowledge and concepts from my weekly readings to develop deeper practical understanding in Wi Fi Hacking.

Kali Linux has a rolling release model, allowing me to be always be up to date in the tools available. It also has a large active community and documentation, something I can make use of as needed.

Setting up Kali on Raspberry Pi

https://raspberrytips.com/use-kali-linux-raspberry-pi/

The Wireless Adapter - Alfa AWUS036NHA

Many options to choose:

Set up Adapter

https://davidbombal.com/can-i-hack-wifi-with-this-adapter/

Based off recommendations and availability on Amazon, I purchased the Alfa AWUS036NHA ←- write up why using this.

Troubleshooting:

Couldn’t get the lights to turn on

https://superuser.com/a/941710

Purchasing a USB hub solved my issue

Even then could not get the Wifi adapter to work. Eventually replugging and plugging it a few times got all the lights on and working

Alfa

Screenshot of successfully logged into Kali Linux via SSH via the terminal.

Logged In