Tim Hieu Bao Mat Wlan Va Cac Cong Cu Tan Cong Wlan

7/30/2019 Tim Hieu Bao Mat Wlan Va Cac Cong Cu Tan Cong Wlan

1/35

Mn: Mng khng dy GVHD: Ninh Khnh Chi

LI NI U

Cng vi s pht trin mnh m ca khoa hc cng ngh, c bit l cng nghthng tin v in t vin thng, nhu cu trao i thng tin v d liu ca con ngingy cng cao. Mng my tnh ang ng vai tr quan trng trong mi lnh vc ca

i sng. Bn cnh nn tng mng my tnh hu tuyn, mng my tnh khng giyngay t khi ra i th hin c nhng u im ni bt v s tin dng, tnh linhhot v tnh n gin. Mc d mng khng giy xut hin kh lu, nhng s phttrin ni bt t c vo k nguyn cng ngh in t v chu nh hng ln ca nnkinh t hin i, cng nh nhng khm ph trong lnh vc vt l. Ti nhiu nc phttrin, mng khng dy thc s i vo i sng. Ch cn mt thit b nh laptop,PDA, hoc bt k mt phng tin truy cp mng khng dy no, chng ta c th truycp vo mng bt c ni u, trong nh, c quan, trng hc, cng sbt c nino nm trong phm vi ph sng ca mng. Do c im trao i thng tin trongkhng gian truyn sng nn kh nng thng tin b r r ra ngoi l iu d hiu. Nuchng ta khng khc phc c im yu ny th mi trng mng khng giy s trthnh mc tiu ca nhng hacker xm phm, gy ra nhng s tht thot v thng tin,tin bc Do bo mt thng tin l mt vn rt nng hin nay. i i vi s phttrin mng khng dy phi pht trin cc kh nng bo mt, cung cp thng tin hiuqu, tin cy cho ngi s dng.

Cng chnh nhng yu t trn nhm chng em lm ti nghin cu v tmhiu bo mt wlan v cc cng c tn cng wlan vi s hng dn nhit tnh ca c

Ninh Khnh Chi gip chng em hon thnh tt ti ny. Trong qu trnh xy dng ti khng trnh khi c nhiu sai xt rt mong c s gp ca cc thy c v cc

bn sinh vin ti c hon thin hn.

Tm hiu bo mt WLAN v cc cng c tn cng WLAN Trang 1


2/35


MC LC

CHNG 1: GII THIU TNG QUAN WLAN ..................................................7

1.1 Gii thiu v mng khng dy ................................................................................7

1.2 Gii thiu chun 802.11 .........................................................................................71.3 Gii thiu cc thit b mng ...................................................................................81.3.1 Thit b im truy cp (AP hoc Wireless Router) ............................................81.3.2 Thit b my khch: ..........................................................................................91.4 Cc ch hot ng ca Access Point .................................................................91.4.1 Ch gc (Root Mode) .......................................................................................91.4.2 Ch cu ni (Bridge Mode) .............................................................................91.4.3 Ch lp (Repeater Mode) ...............................................................................101.5 M hnh mng WLAN ..........................................................................................11

1.5.1 M hnh Wlan c lp (ad-hoc) ..........................................................................111.5.2 M hnh Wlan c s h tng (infrastructure) .....................................................11

CHNG 2: BO MT WLAN ..............................................................................12

2.1 Bo mt l g ? ......................................................................................................122.2 V sao phi bo mt ? ...........................................................................................122.3 nh gi vn an ton, bo mt h thng ........................................................122.3.1 Trn phng din vt l ......................................................................................122.3.2 Trn phng din logic ......................................................................................13

2.4 Mt s hnh thc tn cng WLAN ph bin ........................................................132.4.1 Tn cng b ng (Passive Attack) .....................................................................132.4.2 Tn cng ch ng (Active Attack) .....................................................................142.4.3 Phng thc bt gi tin (Sniffing) ......................................................................142.4.4 Tn cng yu cu xc thc li (De-Authentication Attack) ................................152.4.5 Tn cng truyn li (relay attack) ......................................................................152.4.6 Gi mo AP (rogue access point) .......................................................................162.4.7 Tn cng da trn s cm nhn sng mang lp vt l .......................................162.4.8 Tn cng gi nh a ch MAC ..........................................................................17

2.4.9 Tn cng t chi dch v (deny of services attack) .............................................172.5 Cc phng php bo mt WLAN .......................................................................182.5.1 Cc phng php lc ..........................................................................................182.5.2 Chng thc .........................................................................................................202.5.3 WLAN VPN .........................................................................................................202.5.4 M ha d liu truyn ........................................................................................21

CHNG 3: CC CNG C TN CNG WLAN ..............................................24

3.1 Gii thiu cng c Aircrack chy trn linux ........................................................24

3.2 Gii thiu cng c Gerix Wifi Cracker chy trn Linux .....................................253.3 Gii thiu cng c Netcut chy trn windows ......................................................25



3/35


3.4 Gii thiu cng c Cains chy trn windows .......................................................26

CHNG 4: DEMO CC CNG C TN CNG WLAN .................................27

4.1 Demo s dng cng c Aircrack hack password WLAN .....................................274.2 Demo s dng cng c Gerix Wifi Cracker hack password WLAN ....................28

4.3 Demo s dng cng c Netcut tn cng Arpspoof trong LAN ............................304.4 Demo s dng cng c Cain tn cng Sniffer password trong LAN .................32

CHNG 5: NHN XT .........................................................................................35

5.1 Kt lun .................................................................................................................355.2 Ti liu tham kho ................................................................................................35



4/35


MC LC HNH NH

Hnh 1.1: Thit b Access Point v Wireless Router..................................................8

Hnh 1.2: Root mode....................................................................................................9

Hnh 1.3: Bridge mode...............................................................................................10Hnh 1.4: Repeater mode...........................................................................................10

Hnh 1.5: M hnh mng Ad-hoc v Infratructure..................................................11

Hnh 2.1: M hnh tn cng yu cu xc thc li....................................................15

Hnh 2.2: Tn cng da trn c ch CSMA.............................................................17

Hnh 2.3: Lc a ch MAC.......................................................................................19

Hnh 2.4: Lc giao thc.............................................................................................20

Hnh 2.5: M hnh s dng VPN..............................................................................21Hnh 2.6: S m ha WEP...................................................................................21

Hnh 3.1: S dng lnh Man bit thng tin chi tit............................................24

Hnh 3.2: Giao din s dng Gerix Wifi Cracker....................................................25

Hnh 3.3: Giao din ca cng c Netcut...................................................................26

Hnh 3.4: Giao din chnh Cain................................................................................26

Hnh 4.1 M tnh nng monitor ca card wireless..................................................27

Hnh 4.2 Qut cc mng wifi.....................................................................................27Hnh 4.3: Qut ring mt AP....................................................................................27

Hinh 4.4: tm thy password...............................................................................28

Hnh 4.5: M tnh nng monitor trn card wireless................................................28

Hnh 4.6: Chn m WEP v m sniffing ln............................................................29

Hnh 4.7: ang thu thp thng tin t AP.................................................................29

Hnh 4.9: crack c password...........................................................................30

Hnh 4.10: Cut my Victim v default gateway.......................................................31Hnh 4.11: ARP table ca Victim b thay i......................................................31

Hnh 4.12: Khi b Attacker tn cng th Victim rt mng hon ton....................31

Hnh 4.13: gn MAC ca default gateway ti my Victim................................32

Hnh 4.14: Chn card mng cn nghe ln................................................................32

Hnh 4.15: Qut ton mng tm Victim....................................................................33

Hnh 4.16: Chn my Victim tn cng ARP Poison...........................................33

Hnh 4.17: M tnh nng ARP Poison......................................................................33

Hnh 4.18: Bng ARP table my Victim...............................................................34

Hnh 4.19: ly c password.............................................................................34



5/35




6/35


DANH MC CM T VIT TT

T vit tt Ting Anh Ting VitAES Advanced Encryption Standard Tiu chun m ha tin tinAP Access Point im truy cpARP Address Resolution Protocol Giao thc ARPCRC Cyclic Redundancy Check Kim d vngCSMA Cerrier Sense Multiple Access a truy cp cm bin sng mangDOS Denial Of Services Tn cng t chi dch vDSSS Dicrect Sequence Spread Spectrum Tri ph chui trc tipFTP File Transfer Protocol Giao thc truyn fileHD High Definition Chun phim nt caoHTTP Hyper Text Transfer Protocol Giao thc truyn ti siu vn bnIEEE Institute of Electrical and

Electronic Engineers

Vin cc k s in v in t

IPSEC Internet Protocol Security Bo mt giao thc IPIV Initialization Vector Vector khi toMAC Media Access Control iu khin truy cpMIMO Multi Input Multi Output

Techniques

K thut mimo

OFDM Orthogonal Frequency Division

Multiplexing

Ghp knh theo tn s trc giao

PDA Personal Digital Assistant Thit b k thut s c nhnRADIUS Remote Authentication Dial In

User Services

Dch v xc thc ngi dng

quay s t xaWPAN Wireless Personal Area Network Mng khng dy c nhnWLAN Wireless Local Area Network Mng khng dy cc bWMAN Wireless Metropolitan Area

Network

Mng v tuyn th

WWAN Wireless Wide Area Network Mng v tuyn din rngWRAN Wireless Regional Area Network Mng v tuyn khu vc



7/35


CHNG 1: GII THIU TNG QUAN WLAN

1.1 Gii thiu v mng khng dy

Cng ngh mng khng dy l mt phng thc chuyn giao t im ny nim khc khng s dng ng truyn vt l m s dng sng radio hay hng ngoi.

Hin nay, mng khng dy t c nhng bc pht trin ng k. Ti mts nc c nn cng ngh thng tin pht trin, mng khng dy thc s i vo cucsng. Ch cn mt laptop hay thit b PDA l bn c th truy cp mng bt k u,trn c quan, trong nh, ngoi ng, trong qun c ph, bt c u trong phm vi

ph sng ca Wlan.

Mng khng dy c chia lm 5 loi:

WPAN: mng v tuyn c nhn.

WLAN: mng v tuyn cc b.

WMAN: mng v tuyn th. WWAN: mng v tuyn din rng.

WRAN: mng v tuyn khu vc.

1.2 Gii thiu chun 802.11

Nm 1997, chun 802.11 c t chc IEEE cng b.

Nm 1999, chun 802.11 c cp nht thnh 802.11a v 802.11b (chun802.11b hay cn gi l wifi hin nay ang c s dng rt ph bin).

Nm 2003, t chc IEEE ph duyt chun 802.11g.

Chun 802.11n l chun mi nht hin nay.

Phn loi cc chun 802.11:

802.11a:o Tn s: 5 GHz

o Phng php: OFDM

o Tc l thuyt: 54 Mbps

o Tc thc t: 21 22 Mbps

o Phm vi: 25 -75 feeto ng dng: truyn hnh nh v tp tin ln

802.11b:o Tn s: 2.4 GHz

o Phng php: DSSS



o Phm vi: 100-150 feet

o ng dng: Trao i thng tin hoc truyn cc file nh 802.11e:



8/35


o Ci tin tng MAC phc v cc chun 802.11a, b,

o Nhm nng cao cht lng ca dch v.

802.11f:o Cho php cc AP khc hng vi nhau c th lm vic c vi nhau.

802.11g:o Tn s: 2.4 GHz

o Phng php: OFDM



o Phm vi: 100 150 feet

o ng dng: Truyn hnh nh, m thanh v lt web nhanh hn.

802.11n:

o Tn s: 2.4 v 5 GHzo Phng php: MIMO



o Phm vi: 250m

o ng dng: Phc v nhu cu gii tr a phng tin, ti tp tin ln, xemphim cht lng cao (HD, Full HD, Full HD 3D, )

1.3 Gii thiu cc thit b mng

1.3.1 Thit b im truy cp (AP hoc Wireless Router)AP: l thit b kt ni tp trung cc host trong mng vi nhau ging nh hub (c

pht sng). Cung cp cho cc client mt im truy cp vo mng.

Wireless Router: l thit b c tnh nng ging nh AP nhng c thm chc nngnh tuyn gia cc mng v hot ng Full Duplex. Hin nay thit b ny ang cs dng rng ri.

Hnh 1.1: Thit b Access Point v Wireless Router.



9/35


1.3.2 Thit b my khch:

Laptop: l thit b terminal c trang b c sn card wifi.

PC: l thit b terminal khng c trang b card wifi bi vy cn phi c cardPCI wireless hoc l card USB wirelsess.

PDA: l thit b thng minh c h tr card wifi.1.4 Cc ch hot ng ca Access Point

1.4.1 Ch gc (Root Mode)

Root mode c s dng khi AP kt ni vi mng backbone c dy thng quagiao din thng ethernet. Hu ht cc AP s h tr cc mode khc ngoi root mode,tuy nhin root mode l cu hnh mc nh. Khi root mode, AP c kt ni vi cngmt h thng c dy c th trao i d liu vi nhau. Cc client khng dy c th giaotip vi nhau thng qua AP.

Hnh 1.2: Root mode.

1.4.2 Ch cu ni (Bridge Mode)

Trong bridge mode, AP hot ng hon ton ging vi mt cu ni khng dy ni hai hoc nhiu on mng c dy li vi nhau bng kt ni khng dy. Ch mt s

t cc AP trn th trng c h tr chc nng bridge mode, iu ny s lm cho githit b cao hn.



10/35


Hnh 1.3: Bridge mode.

1.4.3 Ch lp (Repeater Mode)

AP trong ch repeater mode gip khuch i tn hiu v ng vai tr nh mtclient kt ni n mt AP khc root mode. Ch repeater thng c s dng khimun m rng vng ph sng.

Hnh 1.4: Repeater mode.



11/35


1.5 M hnh mng WLAN

1.5.1 M hnh Wlan c lp (ad-hoc)

Cc nt di ng tp trung li trong mt khng gian nh hnh thnh nn kt ningang cp gia chng. Cc nt di ng c card mng wireless l chng c th trao ithng tin trc tip vi nhau m khng cn thng qua thit b tp trung. V mng ad-hoc

ny c th thc hin nhanh v d dng nn chng thng c thit lp v vy n rtthch hp s dng trong cc hi ngh thng mi hoc trong cc nhm lm vic tmthi. Tuy nhin ad-hoc c nhc im v vng ph sng b gii hn, mi ngi sdng u c th nghe ln ln nhau.

Hnh 1.5: M hnh mng Ad-hoc v Infratructure.

1.5.2 M hnh Wlan c s h tng (infrastructure)

Trong mng Wlan c s h tng, nhiu nt truy cp tp trung ln AP cho phpngi dng chia s cc ti nguyn mng mt cch hiu qu. Ngoi ra cn c m hnhc s h tng m rng l cc nt truy cp ln AP v AP ni trc tip vi mng c dy.M hnh ny c s dng rt rng ri hin nay nh cng ty, trng hc, qu c ph,...



12/35


CHNG 2: BO MT WLAN

2.1 Bo mt l g ?

Trong h thng mng, vn an ton v bo mt mt h thng thng tin ngmt vai tr ht sc quan trng. Thng tin ch c gi tr khi n gi c tnh chnh xc,

thng tin ch c tnh bo mt khi ch c nhng ngi c php nm gi thng tin bitc n. Khi ta cha c thng tin, hoc vic s dng h thng thng tin cha phi l

phng tin duy nht trong qun l, iu hnh th vn an ton, bo mt i khi bxem thng. Nhng mt khi nhn nhn ti mc quan trng ca tnh bn h thng vgi tr ch thc ca thng tin ang c th chng ta s c mc nh gi v an tonv bo mt h thng thng tin. m bo c tnh an ton v bo mt cho mt hthng cn phi c s phi hp gia cc yu t phn cng, phn mm v con ngi.

2.2 V sao phi bo mt ?

Mng WLAN vn l mt mng khng an ton, tuy nhin ngay c vi mng

Wired LAN hay WAN nu khng c phng php bo mt hu hiu u khng anton. kt ni ti mt mng LAN hu tuyn ngi dng cn phi truy cp theong truyn bng dy cp, phi kt ni mt PC vo mt cng mng. Cc mng khngdy s dng sng v tuyn xuyn qua vt liu ca cc ta nh, nh vy, s bao phca sng v tuyn khng phi ch trong phm vi ca ta nh y. Do , mng khngdy ca mt cng ty cng c th b truy cp t bn ngoi ta nh cng ty ca h nhcc thit b thch hp.

Vi gi thnh xy dng mt h thng mng WLAN gim, ngy cng c nhiu tchc, cng ty v cc c nhn s dng. iu ny s khng th trnh khi vic hackerchuyn sang tn cng v khai thc cc im yu trn nn tng mng s dng chun802.11. Nhng cng c Sniffers cho php bt c cc gi tin giao tip trn mng, hc th phn tch v ly i nhng thng tin quan trng ca chng ta. Ngoi ra, hacker cth ly i nhng d liu mt ca cng ty, xen vo phin giao dch gia t chc vkhch hng ly nhng thng tin nhy cm hoc ph hoi h thng. Nhng tn tht toln ti t chc, cng ty khng th lng trc c. V th, xy dng m hnh chnhsch bo mt l cn thit.

2.3 nh gi vn an ton, bo mt h thng

m bo an ninh cho mng, cn phi xy dng mt s tiu chun nh gimc an ninh an ton mng. Mt s tiu chun c tha nhn l thc o mc

an ninh mng.2.3.1 Trn phng din vt l

C thit b d phng nng cho cc tnh hung hng t ngt. C kh nng thayth nng tng phn hoc ton phn (hot-plug, hot-swap).

Bo mt an ninh ni lu tr cc my ch.

Kh nng cp nht, nng cp, b xung phn cng v phn mm.

Yu cu ngun in, c d phng trong tnh hung mt t ngt.

Cc yu cu ph hp vi mi trng xung quanh: m, nhit , chng st,

phng chng chy n, vv...



13/35


2.3.2 Trn phng din logic

Tnh b mt (Confidentiality)

L gii hn cc i tng c quyn truy xut n thng tin. i tng truyxut thng tin c th l con ngi, my tnh v phn mm. Ty theo tnh cht cathng tin m mc b mt ca chng c th khc nhau.

Tnh xc thc (Authentication)

Lin quan ti vic m bo rng mt cuc trao i thng tin l ng tin cy.Trong trng hp mt bn tin n l, v d nh mt tn hiu bo ng hay cnh bo,chc nng ca dch v y quyn l m bo bn nhn rng bn tin l t ngun m nxc nhn l ng.

Trong trng hp mt tng tc ang xy ra, v d kt ni ca mt u cui nmy ch, c hai vn sau: th nht ti thi im khi to kt ni, dch v m borng hai thc th l ng tin. Mi chng l mt thc th c xc nhn. Th hai, dchv cn phi m bo rng kt ni l khng b gy nhiu do mt thc th th ba c thgi mo l mt trong hai thc th hp php truyn tin hoc nhn tin khng ccho php.

Tnh ton vn (Integrity)

Tnh ton vn m bo s tn ti nguyn vn ca thng tin, loi tr mi s thayi thng tin c ch ch hoc do h hng, mt mt thng tin v s c thit b hoc

phn mm.

Tnh khng th ph nhn (Non repudiation)

Tnh khng th ph nhn bo m rng ngi gi v ngi nhn khng th chi

b mt bn tin c truyn. V vy, khi mt bn tin c gi i, bn nhn c thchng minh c rng bn tin tht s c gi t ngi gi hp php. Hon tontng t, khi mt bn tin c nhn, bn gi c th chng minh c bn tin ngtht c nhn bi ngi nhn hp l.

Tnh kh dng (Availability)

Mt h thng m bo tnh sn sng c ngha l c th truy nhp d liu bt clc no mong mun trong vng mt khong thi gian cho php. Cc cuc tn cngkhc nhau c th to ra s mt mt hoc thiu v s sn sng ca dch v. Tnh khdng ca dch v th hin kh nng ngn chn v khi phc nhng tn tht ca h

thng do cc cuc tn cng gy ra. Kh nng iu khin truy nhp (Access Control)

Trong hon cnh ca an ninh mng, iu khin truy cp l kh nng hn ch cctruy nhp vi my ch thng qua ng truyn thng. t c vic iu khinny, mi mt thc th c gng t c quyn truy nhp cn phi c nhn din,hoc c xc nhn sao cho quyn truy nhp c th c p ng nhu cu i vitng ngi.

2.4 Mt s hnh thc tn cng WLAN ph bin

2.4.1 Tn cng b ng (Passive Attack)Tn cng b ng l mt phng php tn cng kh l n gin nhng rt hiu

qu. Tn cng b ng khng li du vt no chng t c s xut hin ca



14/35


Attacker trong mng v khi tn cng Attacker khng gi bt k gi tin no m ch lngnghe mi d liu lu thng trn mng. Nhc im ln nht ca tn cng b ngchnh l mt kh nhiu thi gian trong vic lng nghe cc gi tin trn knh truyn.

2.4.2 Tn cng ch ng (Active Attack)

Attacker c th tn cng ch ng thc hin mt s tc v trn mng. Mt

cuc tn cng ch ng c th c s dng truy cp vo server v ly c nhngd liu c gi tr hay s dng ng kt ni Internet ca doanh nghip thc hinnhng mc ch ph hoi hay thm ch l thay i cu hnh ca h tng mng. Bngcch kt ni vi mng khng dy thng qua AP, Attacker c th xm nhp su hn vomng hoc c th thay i cu hnh ca mng. Tn cng chp nhong, bt ng, khngcho Victim c c hi chng thng th xy ra vi thi gian rt nhanh. y cngchnh l u im ca tn cng ch ng. Nhc im ln nht chnh l h thng s luli cc file log nn d dng tm ra Attacker.

2.4.3 Phng thc bt gi tin (Sniffing)

Bt gi tin l khi nim tng qut Nghe trm (Eavesdropping) s dng trongmng my tnh. C l l phng php n gin nht, tuy nhin n vn c hiu qu ivi vic tn cng WLAN. Bt gi tin c th hiu nh l mt phng thc ly trmthng tin khi t mt thit b thu nm trong hoc nm gn vng ph sng. Tn cngkiu bt gi tin s kh b pht hin ra s c mt ca thit b bt gi tin d thit b nm trong hoc nm gn vng ph sng nu thit b khng thc s kt ni ti AP thu cc gi tin.

Vic bt gi tin mng c dy thng c thc hin da trn cc thit b phncng mng, v d nh vic s dng phn mm bt gi tin trn phn iu khin thngtin ra vo ca mt card mng trn my tnh, c ngha l cng phi bit loi thit b

phn cng s dng, phi tm cch ci t phn mm bt gi ln , vv.. tc l khngn gin. i vi mng khng dy, nguyn l trn vn ng nhng khng nht thit

phi s dng v c nhiu cch ly thng tin n gin, d dng hn nhiu. Bi v ivi mng khng dy, thng tin c pht trn mi trng truyn sng v ai cng cth thu c.

Nhng chng trnh bt gi tin c kh nng ly cc thng tin quan trng, mtkhu, ... t cc qu trnh trao i thng tin trn my ca chng ta vi cc site HTTP,email, cc instant messenger, cc phin FTP, cc phin Telnet nu nhng thng tintrao i di dng vn bn khng m ha (clear text). C nhng chng trnh c

th ly c mt khu trn mng khng dy ca qu trnh trao i gia Client vServer khi ang thc hin qu trnh nhp mt khu ng nhp. Cng t vic bt gitin, c th nm c thng tin, phn tch c lu lng ca mng (Traffic analysis),

ph nng lng trong khng gian ca cc vng. T m k tn cng c th bit chno sng truyn tt, ch no km, ch no tp trung nhiu my.

Bt gi tin ngoi vic trc tip gip cho qu trnh ph hoi, n cn gin tip ltin cho cc phng thc ph hoi khc. Bt gi tin l c s ca cc phng thctn cng nh n trm thng tin, thu thp thng tin phn b mng (wardriving), d m,

b m (key crack), ...

Bin php ngn chn bt gi tin: V bt gi tin l phng thc tn cng kiu bng nn rt kh pht hin v do c im truyn sng trong khng gian nn khngth phng nga vic nghe trm ca k tn cng. Gii php ra y l nng cao kh



15/35


nng m ha thng tin sao cho k tn cng khng th gii m c, khi thng tinly c s thnh v gi tr i vi k tn cng. Cch tt nht phng chng Sniffingl m ha thng lng bng IPSec.my.

2.4.4 Tn cng yu cu xc thc li (De-Authentication Attack)

Kiu tn cng deauthetication l phng php khai thc hiu qu mt li xut

hin trong chun 802.11. Trong mt mng 802.11, khi mt node mi mun tham giavo mng li th n s phi tin hnh cc quy trnh xc thc v lin kt. Sau khi png c cc yu cu th node s c cp php truy cp vo mng.

Vic c c a ch ca AP trong mng l v cng d dng. Khi Attacker bitc a ch ca AP, n s s dng a ch broadcast gi thng ipdeauthentication n cho tt c cc node bn trong mng. Cc node s chp nhn ccthng ip deauthentication khng h nghi ng cng nh c cc bin php xc minhxem th c phi thng ip deauthentication c gi t AP hay khng. Bc tiptheo ca quy trnh ny l tt c cc node nhn c deauthentication s tin hnh

reconnect, reauthorize v reasociate n AP. Vic cc node ng lot tin hnhreauthenticated s khin cho mng b tc nghn. Hoc sau khi kt ni li, Attacker lintc gi thng ip yu cu xc thc li cho ngi dng khin ngi dng khng thtruy cp vo mng.

Hnh 2.1: M hnh tn cng yu cu xc thc li.

2.4.5 Tn cng truyn li (relay attack)

Tn cng truyn li, k tn cng s tin hnh lng nghe trn ng truyn caVictim. Khi Victim tin hnh trao i cc thng tin quan trng v d nh password thk tn cng s chn cc gi tin li. Cc gi tin b bt khng b k tn cng thay ini dung m gi nguyn i n thi gian thch hp no s gi gi tin i gidng nh n c gi ra t my gc.

Trong mng 802.11 tn cng truyn li hu nh chc chn s to ra hin tngDenial of Service. Hin tng ny xy ra bi v cc node nhn c thng ip sdnh trn bng thng v thi gian s l cho vic gii m thng ip dn n tnh trng

Denial of Service. 802.11 d b tn thng i vi loi hnh tn cng ny bi v kiutn cng ny da trn vic thiu hon ton th t nh s ca cc thng ip. Ccnode nhn packets do nhng k tn cng gi n, cc paket ny u hp l tuy nhin



16/35


th t ca packet khng p ng c trnh t packet m node nhn c, iu nykhin cho node dnh ton b bng thng v thi gian gii m chng. Ngoi ra802.11 cng khng h c bt k phng php no xc nh v loi b replayedmessages.

2.4.6 Gi mo AP (rogue access point)

Gi mo AP l kiu tn cng man in the middle c in. y l kiu tn cngm Attacker ng gia v trm lu lng truyn gia 2 nt. Kiu tn cng ny rtmnh v Attacker c th ly i tt c lu lng i qua mng. Rt kh khn to mtcuc tn cng man in the middle trong mng c dy bi v kiu tn cng ny yucu truy cp thc s n ng truyn. Trong mng khng dy th li rt d b tncng kiu ny. Attacker cn phi to ra mt AP thu ht nhiu s la chn hn APchnh thng. AP gi ny c th c thit lp bng cch sao chp tt c cc cu hnhca AP chnh thng l : SSID, a ch MAC,...

Bc tip theo l lm cho Victim thc hin kt ni ti AP gi. Cch th nht l

i cho ngui dng t kt ni. Cch th hai l gy ra mt cuc tn cng t chi dchv DoS trong AP chnh thng do vy ngui dng s phi kt ni li vi AP gi. Trongmng 802.11 s la chn AP c thc hin bi cng ca tn hiu nhn. iu duynht Attacker phi thc hin l chc chn rng AP ca mnh c cng tn hiumnh hn c. c c iu Attacker phi t AP ca mnh gn Victim hn lAP chnh thng hoc s dng k thut anten nh hng. Sau khi Victim kt ni tiAP gi, Victim vn hot ng nh bnh thng do vy nu Victim kt ni n mt APchnh thng khc th d liu ca Victim u i qua AP gi. Attacker s s dng cctin ch ghi li mt khu ca Victim khi trao i vi Web Server. Nh vy, Attackers c c tt c nhng g anh ta mun ng nhp vo mng chnh thng.

Kiu tn cng ny tn ti l do trong 802.11 khng yu cu chng thc 2 hnggia AP v nt. AP pht qung b ra ton mng. iu ny rt d b Attacker nghe trmv do vy Attacker c th ly c tt c cc thng tin m chng cn. Cc nt trongmng s dng WEP chng thc chng vi AP nhng WEP cng c nhng l hngc th khai thc. Mt Attacker c th nghe trm thng tin v s dng b phn tch mho trm mt khu ca ngi dng.

2.4.7 Tn cng da trn s cm nhn sng mang lp vt l

K tt cng li dng giao thc chng ng CSMA/CA, tc l n s lm chott c ngi dng ngh rng lc no trong mng cng c 1 my tnh ang truyn thng.

iu ny lm cho cc my tnh khc lun lun trng thi ch i k tn cng ytruyn d liu xong, dn n tnh trng nghn trong mng.

Tn s l mt nhc im bo mt trong mng khng dy. Mc nguy himthay i ph thuc vo giao din ca lp vt l. C mt vi tham s quyt nh s chung ca mng l : nng lng my pht, nhy ca my thu, tn s RF (RadioFrequency), bng thng v s nh hng ca anten. Trong 802.11 s dng thut tona truy cp cm nhn sng mang (CSMA) trnh va chm.

CSMA l mt thnh phn ca lp MAC. CSMA c s dng chc chn rngs khng c va chm d liu trn ng truyn. Kiu tn cng ny khng s dng tp

m to ra li cho mng nhng n s li dng chnh chun . C nhiu cch khaithc giao thc cm nhn sng mang vt l. Cch n gin l lm cho cc nt trongmng u tin tng rng c mt nt ang truyn tin ti thi im hin ti. Cch d



17/35


nht t c iu ny l to ra mt nt gi mo truyn tin mt cch lin tc. Mtcch khc l s dng b to tn hiu RF. Mt cch tn cng tinh vi hn l lm cho cardmng chuyn vo ch kim tra m n truyn i lin tip mt mu kim tra. Ttc cc nt trong phm vi ca mt nt gi l rt nhy vi sng mang v trong khi cmt nt ang truyn th s khng c nt no c truyn.

Hnh 2.2: Tn cng da trn c ch CSMA.

2.4.8 Tn cng gi nh a ch MAC

Trong 802.11 a ch MAC l mt cch ngn ngi dng bt hp php gianhp vo mng. Trong khi gi tr c m ha trong phn cng l khng th thay i

th gi tr c a ra trong chng trnh ca phn cng li c th thay i c.Da vo hacker s dng nhng chng trnh c th thay i a ch MAC,

hacker khng phi i tm a ch MAC bi n c pht qung b ra ton mng dochun 802.11 yu cu, v bng vic gi mo a ch MAC tin tc c nhn dng nhmt ngi dng hp php ca mng.

2.4.9 Tn cng t chi dch v (deny of services attack)

DoS l mt k thut c s dng ch n gin lm h hng mng khng dyhoc lm cho n khng th cung cp dch v nh thng thng. Tng t nh nhngk ph hoi s dng tn cng DoS vo mt web server lm nghn server th mng

WLAN cng c th b shutdown bng cch gy nghn tn hiu RF. Nhng tn hiu gynghn ny c th l c hay v v c th loi b c hay khng loi b c. Khimt Attacker ch ng tn cng DoS, Attacker c th s dng mt thit b WLAN c

bit, thit b ny l b pht tn hiu RF cng sut cao hay thit b chuyn dung khc.

loi b kiu tn cng ny th yu cu u tin l phi xc nh c ngun tnhiu RF. Vic ny c th lm bng cch s dng mt Spectrum Analyzer (my phntch ph). C nhiu loi Spectrum Analyzer trn th trng nhng ta nn dng loi cmtay, dng pin cho tin s dng. Mt cch khc l dng cc ng dng SpectrumAnalyzer phn mm km theo cc sn phm WLAN cho client.

DoS do v xut hin thng xuyn do nhiu thit b khc nhau chia s chungbng tn 2.4 ISM vi mng WLAN. DoS mt cch ch ng thng khng ph bin



18/35


lm, l do l bi v thc hin c DoS th rt tn km, gi ca thit b rt mc tin,kt qu t c ch l tm thi shut down mng trong thi gian ngn.

Mt s cng c thc hin nh :

WLAN-Jack

FATA-Jack.2.5 Cc phng php bo mt WLAN

2.5.1 Cc phng php lc

2.5.1.1 Lc SSID

Lc SSID (SSID Filtering) l mt phng php lc ch c dng cho hu htcc iu khin truy nhp. SSID ca mt trm WLAN phi khp vi SSID trn APhoc ca cc trm khc chng thc v lin kt Client thit lp dch v.

Nhiu AP c kh nng ly cc SSID ca cc khung thng tin dn ng (beacon

frame). Trong trng hp ny client phi so khp SSID lin kt vi AP. Lc SSIDc coi l mt phng php khng tin cy trong vic hn ch nhng ngi s dngtri php ca mt WLAN.

Mt vi li chung do ngi s dng WLAN to ra khi thc hin SSID l:

S dng SSID mc nh: S thit lp ny l mt cch khc a ra thng tinv WLAN ca mng. N n gin s dng mt b phn tch mng lya ch MAC khi ngun t AP. Cch tt nht khc phc li ny l: Lunlun thay i SSID mc nh.

S dng SSID nh nhng phng tin bo mt mng WLAN : SSID phi

c ngi dng thay i trong vic thit lp cu hnh vo mng. N nnc s dng nh mt phng tin phn on mng ch khng phi bomt, v th hy: lun coi SSID ch nh mt ci tn mng.

Khng cn thit qung b cc SSID: Nu AP ca mng c kh nng chuynSSID t cc thng tin dn ng v cc thng tin phn hi kim tra th hycu hnh chng theo cch . Cu hnh ny ngn cn nhng ngi nghe v tnhkhi vic gy ri hoc s dng WLAN.

2.5.1.2 Lc a ch MAC

WLAN c th lc da vo a ch MAC ca cc trm khch. Hu ht tt c cc

AP u c chc nng lc MAC. Ngi qun tr mng c th bin tp, phn phi v botr mt danh sch nhng a ch MAC c php v lp trnh chng vo cc AP. Numt card PC hoc nhng Client khc vi mt a ch MAC m khng trong danh scha ch MAC ca AP, n s khng th n c im truy nhp .



19/35


Hnh 2.3: Lc a ch MAC.

Lp trnh cc a ch MAC ca cc Client trong mng WLAN vo cc AP trnmt mng rng l khng thc t. B lc MAC c th c thc hin trn RADIUSServer thay v trn mi im truy nhp. Cch cu hnh ny lm cho lc MAC l mtgii php an ton, v do c kh nng c la chn nhiu hn.

Mc d Lc MAC trng c v l mt phng php bo mt tt, chng vn cn db nh hng bi nhng thm nhp sau:

S n trm mt Card PC trong c mt b lc MAC ca AP

Vic thm d WLAN v sau gi mo vi mt a ch MAC thm nhpvo mng.

Vi nhng mng gia nh hoc nhng mng trong vn phng nh, ni m c mts lng nh cc trm khch, th vic dng b lc MAC l mt gii php bo mt hiuqu. V khng mt hacker thng minh no li tn hng gi truy nhp vo mt mngc gi tr s dng thp.

2.5.1.3 Lc giao thc

Mng WLAN c th lc cc gi i qua mng da trn cc giao thc lp 2 n lp7. Trong nhiu trng hp, cc nh sn xut lm cc b lc giao thc c th nh hnhc lp cho c nhng on mng hu tuyn v v tuyn ca AP. Nu cc kt ni cci t vi mc ch c bit ca s truy nhp Internet ca ngi s dng, th b lcgiao thc s loi tt c giao thc, ngoi tr SMTP, POP3, HTTP, HTTPS, FTP,...



20/35


Hnh 2.4: Lc giao thc.

2.5.2 Chng thc

Ngi s dng mun truy nhp vo cc ti nguyn ca mng th s phi c xcnhn bi h thng bo mt. C cc c bn kim sot s xc thc ngi s dng:

Xc thc ngi s dng: Cung cp quyn s dng cc dch v cho mi ngidng. Mi khi mun s dng mt ti nguyn hay dch v ca h thng, anh tas phi c xc thc bi mt my ch xc thc ngi s dng v kim traxem c quyn s dng dch v hay ti nguyn ca h thng khng.

Xc thc trm lm vic: Cho php ngi s dng c quyn truy nhp tinhng my c a ch xc nh. Ngc li vi vic xc thc ngi s dng, xcthc trm lm vic khng gii hn vi cc dch v.

Xc thc phin lm vic: Cho php ngi s dng phi xc thc s dngtng dch v trong mi phin lm vic. C cc gii php c bn sau:

o TACAC dng cho vic truy nhp t xa thng qua Cisco Router.

o RADIUS kh ph bin cho vic truy nhp t xa (Remote Access).

o Firewall cng l mt cng c mnh cho php xc thc cc loi trn.

2.5.3 WLAN VPNNhiu nh sn xut WLAN tch hp phn mm VPN server vo trong AP v

gateway cho php s dng cng ngh VPN bo mt kt ni khng dy. Lc ,client phi s dng phn mm VPN client chy cc giao thc nh PPTP hay IPSec thit lp tunnel trc tip n AP.

Trc tin, client phi kt ni vi AP. Sau , mt kt ni VPN dial-up s phic to ra cho client truyn traffic qua AP. Tt c traffic truyn qua tunnel c thc m ha v a vo tunnel tng thm mt lp bo mt na. Gii php ny cu im l gi c hp l v ci t kh n gin.



21/35


Hnh 2.5: M hnh s dng VPN.

2.5.4 M ha d liu truyn

2.5.4.1 WEP(Wired Equivalent Privacy)

WEP l thut ton m ha c i xng c ngha l qu trnh m ha v qu trnhgii m u dng mt kha dng chung (share key), kha ny AP s dng v Clientc cp.

WEP l mt thut ton nhm bo v s trao i thng tin chng li s nghe trm,chng li nhng kt ni mng khng c cho php cng nh chng li vic thay ihoc lm nhiu thng tin truyn. Kha dng chung v vector khi to (IV) l haingun d liu u vo ca b to m dng thut ton RC4 to ra chui kha (key

stream). Mc khc phn ni dung bn tin c b xung thm phn kim tra CRC to thnh gi tin mi. Gi tin mi vn c ni dung dng cha m ha (plant text) sc kt hp vi chui cc kha key stream theo thut ton XOR to thnh mt bntin c m ha (cipher text). Bn tin ny v chui IV c ng thnh gi phpi. Vic gii m xy ra ngc li.

Hnh 2.6: S m ha WEP

WEP s dng kha c nh c chia s gia mt Access Point v nhiu ngidng cng vi mt IV ngu nhin 24 bit. Do , cng mt IV s c s dng linhiu ln. Bng cc thu thp thng tin truyn i, Attacker c th c thng tin cnthit c th b kha WEP ang dng. Nhng nhc im v bo mt WEP:

Mt khi kha WEP c bit, k tn cng c th gii m thng tin truyn iv c th thay i ni dung ca thng tin truyn i. Do vy WEP khng m

bo c tnh b mt v ton ven.



22/35


Vic s dng mt kha c nh c chn bi ngi s dng v t khi cthay i (tc c ngha l kha WEP khng c t ng thay i) lm choWEP rt d b tt cng.

WEP cho php ngi dng xc thc AP trong khi AP khng th xc minh tnhxc thc ca ngi dng. Ni mt cch khc, WEP khng cung ng mutual

authentication.2.5.4.2 WPA (Wifi Protected Access)

WEP c xy dng bo v mt mng khng dy trnh b nghe trm. Nhngnhanh chng sau ngi ta pht hin ra nhiu l hng cng ngh ny. Do , cngngh mi c tn gi WPA ra i, khc phc c nhiu nhc im ca WEP.

Mt trong nhng ci tin quan trng nht ca WPA l s dng hm thay i khoTKIP (Temporal Key Integrity Protocol). WPA cng s dng thut ton RC4 nhWEP nhng m ho y 128 bit. V mt c im khc l WPA thay i kho chomi gi tin. Cc cng c thu thp cc gi tin ph kho m ho u khng th thc

hin c vi WPA. Bi WPA thay i kho lin tc nn hacker khng bao gi thuthp d liu mu tm ra mt khu. Khng nhng th, WPA cn bao gm kimtra tnh ton vn ca thng tin (Message Integrity Check). V vy, d liu khng th bthay i trong khi ang trn ng truyn. Mt trong nhng im hp dn nht caWPA l khng yu cu v phn cng nhiu, ch cn thit b c h tr l c th s dngc. Cc bn nng cp min ph v phn mm cho hu ht cc Card mng v imtruy cp s dng WPA rt d dng v c sn.

WPA c sn 2 la chn: WPA Personal v WPA Enterprise. C 2 la chn nyu s dng giao thc TKIP v s khc bit ch l kho khi to m ho lc u. WPAPersonal thch hp cho gia nh v mng vn phng nh, kho khi to s c sdng ti cc im truy cp v thit b my trm. Trong khi , WPA cho doanh nghipcn mt my ch xc thc v 802.1x cung cp cc kho khi to cho mi phin lmvic.

Trong khi Wi-Fi Alliance a ra WPA, v c coi l loi tr mi l hng db tn cng ca WEP nhng ngi s dng vn khng thc s tin tng vo WPA. Cmt l hng trong WPA v li ny ch xy ra vi WPA Personal. Khi m hm thay ikho TKIP c s dng to ra cc kho m ho b pht hin, nu hacker c thon c kho khi to hoc mt phn ca mt khu, h c th xc nh c ton

b mt khu, do c th gii m c d liu. Tuy nhin, l hng ny cng s b loi

b bng cch s dng nhng kho khi to khng d on. iu ny cng c ngharng k thut TKIP ca WPA ch l gii php tm thi, cha cung cp mt phngthc bo mt cao nht.

WPA ch thch hp vi nhng cng ty m khng truyn d liu "mt" vthng mi, hay cc thng tin nhy cm... WPA cng thch hp vi nhng hot nghng ngy v mang tnh th nghim cng ngh.

2.5.4.3 WPA 2 (Wifi Protected Access version 2)

WPA 2 cng tng t nh WPA nhng s dng phng php m ha mnh hnAES (Advanced Encryption Standard) vi di kha 256 bits. Trn l thuyt, AES

vn c th b c, nhng thi gian b kho l khng kh thi trong thc t tnh tithi im ny, cho nn n c xem l an ton tuyt i.



23/35


Mc d vy, WPA 2 cng gp phi vn l kh khn trong vic gi b mt khony do nhng ngi s dng c th ni cho nhau hoc b l do v tnh ghi kha ra u.



24/35


CHNG 3: CC CNG C TN CNG WLAN

3.1 Gii thiu cng c Aircrack chy trn linux

Aircack l b cng c min ph chy trn h iu hnh linux, cng c ny chuyn crack password trong mng khng dy rt hiu qu nh WEP, WPA,... Giao din

cng c Aircrack l giao din command line nn s hn kh xi i vi ngi mi sdng. Hin nay th Aircack chy ch yu trn linux l ch yu, cn c mt s phin

bn Aircrack chy trn h iu hnh windows l do mt s lp trnh vin bin tp tlinux sang windows nhng mt s tnh nng trong phin bn windows s khng bng

phin bn chy trn linux c. Sau y s gii thiu mt s thng dng c bn:

Chuyn card mng wireless t manager sang monitor (ch nghe ngng).

Cch dng: airmon-ng

Bt gi tin trong mng khng dy (wifi).

Cch dng: airodump-ng To gi tin gi n AP nhm nhn cc gi ARP phn hi.

Cch dng: aireplay-ng

Gi gi tin gi n AP nhn phn hi.

Cch dng:packetforge-ng

D mt khu.

Cch dng: aircrack-ng

Ngoi ra c th xem thng tin chi tit aircrack Cch dng: man aircrack-ng

Hnh 3.1: S dng lnh Man bit thng tin chi tit.



25/35


3.2 Gii thiu cng c Gerix Wifi Cracker chy trn Linux

y l b cng c d tm pasword ca mng khng dy vi giao din ha rtd s dng, ch vi cc click chut th c th tm thy password mt cch nhanhchng. B cng c ny ging vi cng c Aircrack, thay v Aircrack l s dngcommand line th cng c ny s dng giao din ha thao tc.

Vi chc nng b kha WEP, WPA,... v Fake AP rt nhanh chng v dng.

Hnh 3.2: Giao din s dng Gerix Wifi Cracker.

3.3 Gii thiu cng c Netcut chy trn windows

Netcut l mt cng c chuyn i ph trong mang LAN, vi cc phin bn trcy th ch h tr i vi mng LAN v h iu hnh l windows xp nhng gi y

Netcut c nng cp, h tr c mng WLAN v h iu hnh windows 7.Nguyn tc lm vic ca Netcut chnh l tn cng arpspoof trong phn demo s trnhby r v vn ny.

Vy th trong trng hp no Attacker s dng Netcut. Trong trng hp

Attacker khng mun mt hay nhiu my Victim no y s dng mng internet haykhng mun my Victim i ra ngoi mng LAN c.



26/35


Hnh 3.3: Giao din ca cng c Netcut.

3.4 Gii thiu cng c Cains chy trn windows

Cain l cng c chy trn nn tng window kh l ni ting vi nhng tnh nngnh sniffer password, decoders, crack,... thm ch cn c th b kha mng khng dyna nh WEP, WPA,... cain c th hack c th chng ta cn phi c thm cngc gn ngoi l anten. Vi giao din rt d s dng cng c cain rt ph hp vinhng Attacker mi vo ngh.

Trn linux c h iu hnh backtrack cha ton tp nhng cng c dng hackhay ni cch khc l h iu hnh ca cc hacker. Trn windows th c cain, tuyv tnh nng cng nh tn cng khng mm do bng backtrack nhng b li cain lic giao din rt d s dng v cung cp y cc cng c cho mt Attacker. phndemo s ni r v nguyn tc tn cng sniffer password trong mng LAN.

Hnh 3.4: Giao din chnh Cain.



27/35


CHNG 4: DEMO CC CNG C TN CNG WLAN

4.1 Demo s dng cng c Aircrack hack password WLAN

u tin ta phi m tnh nng monitor ca card wireless ln.

Hnh 4.1 M tnh nng monitor ca card wireless.

S dng lnh: airodump-ng mon0 n qut cc mng.

Hnh 4.2 Qut cc mng wifi.

Tip theo ta s chn mng mun nghe ln. Nh v d y mnh ly ESSID tnl quocnhanit, knh: 1, BSSID: C8:3A:35:4D:CE:A8

S dng lnh: airodump-ng c 1 bssid C8:3A:35:4D:CE:A8 w a.cap mon0

Hnh 4.3: Qut ring mt AP.

Khi chng ta c mt lng data th c th tm ra m WEP, thng th ivi m WEP mt khu khng phc tp th c 20000 data d ra ri. Ngoi ra ychng ta mun y nhanh qu trnh tng lng data chng ta c th s dng lnhairelay-ng nhn c nhiu gi ARP tr v.

crack password chng ta xi lnh: aircrack-ng a 1 a*.cap . Vi cc thng s-a l cho bit chun mun hack l WEP (1) WPA (2) v a*.cap l tn tp tin m chngta nghe ln ny gi.



28/35


Hinh 4.4: tm thy password.

4.2 Demo s dng cng c Gerix Wifi Cracker hack password WLAN

Hnh 4.5: M tnh nng monitor trn card wireless.

giao din u tin ca chng trnh ta chn tip nhn Configuration v chntip card wireless nhn enable m tnh nng monitor ca ca card wireless. Tip

n nhn Rescan networks qut cc mng v hin th cc mng trn.



29/35


Hnh 4.6: Chn m WEP v m sniffing ln.

Hnh 4.7: ang thu thp thng tin t AP.

Sau khi thu thp thng tin t AP y gi ta ch c vic crack thi, chng ta

lm tip nh sau.



30/35


Hnh 4.8: Chn chun WEP crack password.

Hnh 4.9: crack c password.

Qua 2 cng c demo trn th t password mnh th Attacker d ra passwordcng rt l kh khn. Vi demo aircrack th password 5 k t d trong vng cha n30s l ra. Nhng vi demo ny mnh t password 13 k t trong c ch hoa, chthng v k t c bit, tn hn 15 mi d ra c password ny.

4.3 Demo s dng cng c Netcut tn cng Arpspoof trong LAN

Qu trnh ca cuc tn cng ny l lm cho my Victim xy dng bn ARP tablevi thng s sai lch v Victim khng th truy cp ra c cc mng khc cng nhinternet, y c coi l mc ch ca Attacker s dng tn cng arpspoof.

Cng c ny s dng kh l n gin ch cn m ln v chn nhng my Victimcn cut.



31/35


Hnh 4.10: Cut my Victim v default gateway.

Sau khi b Attacker tn cng qua my Victim kim tra. Thy bng ARP table camy Victim b thay i. MAC ca default gateway b i thnh mt MAC khcv vic ng ngha vi my Victim khng th thng vi cc mng bn ngoi thmch l khng thng vi default gateway.

Hnh 4.11: ARP table ca Victim b thay i.

Hnh 4.12: Khi b Attacker tn cng th Victim rt mng hon ton.



32/35


Vy chng c cuc tn cng arpspoof ny my Victim ch cn cho bngARP table gn a ch MAC ca default gateway c nh. tm ra Attacker l aitrong mng th ch cn xi mt s phn mm l bit c ngay v d nh: xarp,wireshark,...

Hnh 4.13: gn MAC ca default gateway ti my Victim.

4.4 Demo s dng cng c Cain tn cng Sniffer password trong LAN

Sau y s demo tn cng ly password my Victim trong mng LAN. giaodin chng trnh hy chn card mng nghe ln trong mng LAN.

Hnh 4.14: Chn card mng cn nghe ln.

Bc tip theo m tnh nng nghe ln v qut ton mng tm Victim.



33/35


Hnh 4.15: Qut ton mng tm Victim.

Hnh 4.16: Chn my Victim tn cng ARP Poison.

Hnh 4.17: M tnh nng ARP Poison.



34/35


Qua my Victim kim tra. S thy c l MAC ca default gateway gi s trn my Attacker nh vy th mi thng tin ln nh my Victim gi i th Attacker s

bit ht...

Hnh 4.18: Bng ARP table my Victim.

Ti my Victim chng ta th truy cp vo a ch ftp://222.255.128.147v nhpusername v password vo. Sau ta qua my Attacker th thy username v

password ca Victim. khc phc c tn cng ny th ta lm ng tc gn MACtnh cho default gateway trong bng ARP table ti my Victim, tng t trong phndemo Netcut.

Hnh 4.19: ly c password.

ftp://222.255.128.147/ftp://222.255.128.147/ftp://222.255.128.147/


35/35


CHNG 5: NHN XT

5.1 Kt lun

Hin nay, trn th gii cha c mt cng ty hay mt tp on no dm khngnh l h thng mng ca mnh l c bo mt an ton nht th gii. V mt h

thng mng c an ninh bo mt n u th chc chc cng s c nhng l hngbo mt m cha c pht hin.

tr thnh mt hacker hay mt Attacker th tng i l d ch cn ln mngtm kim mt cht thng tin l c th tn cng hay hack mt mng no thng quacc cng c c sn. Nhng lm c mt ngi qun tr mng, bo v c hthng mng ca mnh an ton trc Attacker hay hacker th rt l kh. Trc ht munlm mt qun tr mng tt nht cn phi nm bt c cc mnh khe ca Attackercng nh hacker thng s dng v ra nhng gii php phng trnh.

Vy qua ti ny, nhm chng em c rt ra nhn xt l cn phi bo mt nhng

g nh nht trong h thng mng v chng u c th l nhng l hng bo mt mAttacker c th da vo l hng nh y tn cng cng nh hack.

5.2 Ti liu tham kho

Ti liu tham kho chnh:

http://www.diendantinhoc.vn

http://www.wimaxpro.org

http://www.vnpro.org

http://www.tailieu.vn

http://www.hvaonline.net http://www.security-assessment.com

http://www.wi-foo.com

http://www.vikipedia.org

http://www.aircrack-ng.org
http://www.diendantinhoc.vn/http://www.wimaxpro.org/http://www.vnpro.org/http://www.tailieu.vn/http://www.hvaonline.net/http://www.security-assessment.com/http://www.wi-foo.com/http://www.vikipedia.org/http://www.aircrack-ng.org/http://www.diendantinhoc.vn/http://www.wimaxpro.org/http://www.vnpro.org/http://www.tailieu.vn/http://www.hvaonline.net/http://www.security-assessment.com/http://www.wi-foo.com/http://www.vikipedia.org/http://www.aircrack-ng.org/

Tim Hieu Bao Mat Wlan Va Cac Cong Cu Tan Cong Wlan

Documents

Transcript of Tim Hieu Bao Mat Wlan Va Cac Cong Cu Tan Cong Wlan