An Augmented Penetration Testing Framework for Mobile Devices on 802.11 Ac Wireless Networks
Total Page:16
File Type:pdf, Size:1020Kb
LETTERKENNY INSTITUTE OF TECHNOLOGY A thesis submitted in partial fulfillment of the requirements for the Master of Science in Computing in Systems & Software Security Letterkenny Institute of Technology ___________________________________________________________________ An Augmented Penetration Testing Framework for Mobile Devices on 802.11 ac Wireless Networks Author: Supervisor: Fergal Coll Mr. Nigel McKelvey M.Sc., B.Sc. Submitted to the Quality and Qualifications Ireland (QQI) Dearbhú Cáilíochta agus Cáilíochtaí Éireann May 2015 1 Declaration I hereby certify that the material, which I now submit for assessment on the programmes of study leading to the award of Master of Science in Computing in Enterprise Application Development, is entirely my own work and has not been taken from the work of others except to the extent that such work has been cited and acknowledged within the text of my own work. No portion of the work contained in this thesis has been submitted in support of an application for another degree or qualification to this or any other institution. Signature of candidate: __________________ Date: _________________ 2 Acknowledgements This thesis would not have been possible without the support of many people at the Letterkenny Institute of Technology and Pramerica. The author would like to acknowledge and express his sincere gratitude to his supervisor Mr Nigel McKelvey for his guidance and support. The author would also like to extend his gratitude to the Head of Computing Department Mr Thomas Dowling, and all the staff in Letterkenny Institute of Technology for their help over the years. Finally the author would also like to Anthony Caldwell for his support throughout writing this thesis. 3 Table of Contents Abstract ....................................................................................................................................................... 10 1 Introduction ............................................................................................................................................. 11 1.1 Purpose ............................................................................................................................................. 11 1.2. Background ...................................................................................................................................... 11 1.3 Research Question, Aim and Objectives ........................................................................................... 11 1.3 Outline of Report .............................................................................................................................. 11 CHAPTER 2-Literature Review ..................................................................................................................... 12 2.1 Introduction ...................................................................................................................................... 12 2.2 Today’s Threat Landscape ................................................................................................................. 12 2.3 The 802.11 Standard ......................................................................................................................... 13 2.3.1 Background ................................................................................................................................ 13 2.3.2 802.11 Evolution ........................................................................................................................ 13 2.3.3 Beamforming ............................................................................................................................. 14 2.4 802.11 Security Issues ....................................................................................................................... 15 2.4.1 Security through Obscurity ........................................................................................................ 15 2.4.2 WEP and WPA-PSK Protocols ..................................................................................................... 16 2.5 Testing Frameworks .......................................................................................................................... 18 2.6 Penetration Testing ........................................................................................................................... 18 2.6.1 OWASP Mobile Top Ten ............................................................................................................ 19 2.6.2 Wireless Penetration Testing Framework .................................................................................. 21 2.6.3 Legal and Ethical Considerations ............................................................................................... 21 2.7 Attacking Wireless Clients ................................................................................................................. 23 2.7.2 MiTM .......................................................................................................................................... 23 2.7.1 Wifi Pineapple (Karma Attack) ................................................................................................... 24 2.7.3 Mobile Web Attacks ................................................................................................................... 25 2.8 Conclusion ......................................................................................................................................... 26 CHAPTER 3-Requirements Specification ..................................................................................................... 26 3.1 Introduction ...................................................................................................................................... 26 3.1.1 Purpose .......................................................................................................................................... 26 4 3.1.2 Project Scope ................................................................................................................................. 26 3.2 Research design and methods .......................................................................................................... 27 3.2.1 Penetration Testing Framework ................................................................................................ 27 3.2.2 Mobile Wireless Toolkit ............................................................................................................. 27 3.2.3 Hardware Requirements ............................................................................................................ 28 3.3 Requirements Phase 1 – Reconnaissance ......................................................................................... 28 3.3.1 Designing the technique ............................................................................................................ 28 3.4 Requirements Phase 2 – Scanning .................................................................................................... 29 3.4.1 Designing the technique ............................................................................................................ 29 3.5 Requirements Phase 3 – Exploitation ............................................................................................... 30 3.5.1 Designing the technique ............................................................................................................ 30 3.6 Requirements Phase 4 – Post-Exploitation ....................................................................................... 33 3.6.1 Designing the technique ............................................................................................................ 33 3.7 Summary ........................................................................................................................................... 34 CHAPTER 4- Testing and Evaluation ............................................................................................................ 35 4.1 Phase 1 Reconnaissance Testing ....................................................................................................... 35 4.1.1 Result 1....................................................................................................................................... 35 4.2 Phase 2 Scanning Testing .................................................................................................................. 36 4.2.1 Result 2....................................................................................................................................... 37 4.2.2 Result2A ..................................................................................................................................... 39 4.3 Phase 3 Exploitation Testing ............................................................................................................. 39 4.3.1 Result 3....................................................................................................................................... 39 4.4 Phase 4 Post-Exploitation Testing ..................................................................................................... 40 4.4.1 Result 4....................................................................................................................................... 40 4.4.2 Result 4 b...................................................................................................................................