ebook img

Hacking Exposed Wireless: Wireless Security Secrets & Solutions PDF

707 Pages·2014·36.472 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Hacking Exposed Wireless: Wireless Security Secrets & Solutions

Copyright © 2015 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a data base or retrieval system, without the prior written permission of the publisher. ISBN: 978-0-07-182762-1 MHID: 0-07-182762-5 The material in this eBook also appears in the print version of this title: ISBN: 978-0-07- 182763-8, MHID: 0-07-182763-3. eBook conversion by codeMantra Version 1.0 All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps. McGraw-Hill Education ebooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com. McGraw-Hill Education, the McGraw-Hill Education Publishing logo, Hacking ExposedTM, and related trade dress are trademarks or registered trademarks of McGraw- Hill Education and/or its affiliates in the United States and other countries and may not be used without written permission. All other trademarks are the property of their respective owners. McGraw-Hill Education is not associated with any product or vendor mentioned in this book. Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information. TERMS OF USE This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms. THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise. For Jen, Maya, and Ethan. ~Joshua Wright For those who pushed me forward when the world was trying to hold me back: Nick, Karen, Jen, and Ora. ~Johnny Cache About the Authors Joshua Wright is a senior technical analyst with Counter Hack, and a senior instructor and author for the SANS Institute. Through his experiences as a penetration tester, Josh has worked with hundreds of organizations on attacking and defending mobile devices and wireless systems, disclosing significant product and protocol security weaknesses to well- known organizations. As an open source software advocate, Josh has conducted cutting- edge research resulting in hardware and software tools that are commonly used to evaluate the security of widely deployed technology targeting Wi-Fi, Bluetooth, ZigBee, and Z- Wave wireless systems, smart-grid deployments, and the Android and Apple iOS mobile device platforms. In his spare time, Josh looks for any opportunity to void a warranty on his electronics. Johnny Cache received his Masters in Computer Science from the Naval Postgraduate School in 2006. His thesis work, which focused on fingerprinting 802.11 device drivers, won the Gary Kildall award for the most innovative computer science thesis. Johnny wrote his first program on a Tandy 128K color computer sometime in 1988. Since then, he has spoken at several security conferences, including BlackHat, BlueHat, and ToorCon. He has also released a number of papers related to 802.11 security and is the author of many wireless tools. He is the founder and chief science officer of Cache Heavy Industries. About the Contributors Chris Crowley is the owner of the Montance Consulting Group in Washington DC, performing penetration testing, computer network defense, incident response, and forensic analysis engagements. As the lead instructor for the SANS Institute Mobile Device Security and Ethical Hacking course, Chris works with thousands of organizations each year, helping them identify, exploit, and address critical flaws in mobile and wireless systems. In his spare time, Chris balances his extreme work schedule with extreme rock climbing. Tim Kuester (BSCE, UMBC) is an engineer working at Tactical Network Solutions in Columbia, MD. He has a background in turnkey engineering, with projects ranging from CubeSats and BioMed research devices to spy gadgets and air vacuums. He enjoys hacking projects involving embedded systems, radios, and circuit boards. Alongside contract work, he teaches courses on software-defined radio and signal processing at TNS headquarters. Outside of work, he enjoys fiddling with amateur radio, riflery, and EMS. Tim would like to extend thanks to his parents and his engineering professors at UMBC for their patience and guidance. About the Technical Reviewers Tim Medin is a senior technical analyst with Counter Hack and a lead instructor for the SANS Institute. As a professional penetration tester, Tim has worked with hundreds of organizations, including Fortune 100 companies and the US government, to identify and exploit vulnerabilities as part of an essential process to defend critical networks. As the technical lead of the innovative NetWars program, Tim leads the development of information security challenges for education, evaluation, and competition, reaching out to brilliant analysts, from high-school seniors to retired US military veterans. When he’s not identifying critical flaws in pervasive protocols such as Kerberos, Tim likes to spend time with his family. Mike Ryan is a senior security consultant with iSEC Partners, an information security organization. At iSEC, Mike performs penetration testing, specializing in red team exercises, network penetration tests, and embedded platforms. Mike also researches Bluetooth security, contributing significant enhancements to the Ubertooth project for Bluetooth Low Energy attacks. Mike has been doing security in one way or another since 2002 and has a wide array of skills, tricks, and leet hax to bring to the table in any situation. Outside of security, Mike enjoys retro hardware and doing absolutely anything at the beach. Jean-Louis Bourdon is a firmware engineer with ten years’ experience designing processors for Infineon and five years’ experience writing software for embedded systems. He is now currently working for Pektron in the UK, designing instrument clusters for super/hyper cars. His hobbies are often technology related and usually involve dissecting the newest gadgets he can get his hands on. At a Glance Hacking 802.11 Wireless Technology 1 Introduction to 802.11 Hacking 2 Scanning and Enumerating 802.11 Networks 3 Attacking 802.11 Wireless Networks 4 Attacking WPA-Protected 802.11 Networks 5 Attacking 802.11 Wireless Clients 6 Taking It All the Way: Bridging the Air-Gap from Windows 8 Bluetooth 7 Bluetooth Classic Scanning and Reconnaissance 8 Bluetooth Low Energy Scanning and Reconnaissance 9 Bluetooth Eavesdropping 10 Attacking and Exploiting Bluetooth More Ubiquitous Wireless 11 Software-Defined Radios 12 Hacking Cellular Networks 13 Hacking ZigBee 14 Hacking Z-Wave Smart Homes Index Hacking 802.11 Wireless Technology Bluetooth More Ubiquitous Wireless

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.