Active Exploitation Flashcards
(8 cards)
802.11 denial-of-service (DoS) attack that targets the communication link between a client and its AP;
risk is that an 802.11 device that is associated with an AP will be notified when it is disconnected from a network
Deauthentication Attack
Continuous DoS attempt;
Attempt to make a device disconnect from your network, and associate with a ROGUE AP;
Capture SSID + WPA2 handshake data;
Make a Windows client flush its ARP cache and send an ARP request
Deauthentication Attack
Force my target to create new initialization vectors (IVs);
waits and listens for an ARP packet, obtains the packet, & transmits the packet back over and over again
Forcing you to create a new ID
ARP Request Replay Attack
Uses TKIP (Temporal Key Integrity Protocol);
method dynamically changes its keys as it’s being used
WPA2 is widely used today
WPA
“pre-shared key”;
Every user gets the same 256-bit key to authenticate;
Longer, more complex password is recommended
WPA-PSK
No shared key/TKIP/Each user gets a different authentication method;
Used in larger orgs
WPA/Enterprise
Attacker waits for the 4-way handshake, then tricks the client into using an already known encryption key
KRACK key reinstallation attack
designed to simplify the process of connecting to a network;
Most APs will have a button for this and security;
A PIN can be used to connect, but the PIN method is highly vulnerable to brute-force attacks;
Can be disabled
WPS