Wifi Pentesting Roadmap for Classic-Future Attacks and Defenses

Abstract

The most advanced attack on the Wireless Fidelity (WIFI) network uses social engineering. The hacker makes portal captive and forces the victim for disconnecting to internet instead of entering the real password of the WIFI. In normal actions, asking WIFI password on the web interface is not the real process, but sometimes the victim is not experience enough on security and thinks that it is a technical problem. Also, the victim didn’t have internet connection due to the hard deauthentication and the select open access, which is not his WIFI network. The future generation of WIFI could be use a secure deauthentication. So, this article proposed how the actual attack will be processed, how is the secure deauthentication and how hacker could use this same attack with more secure network. Like conclusion, solutions to resolve this problem will be proposed. New hacking arsenal for replacing the deauthentication is the smart-jamming. With the secure deauthentication, reforging the packet for telling the victim to deauthenticate to the network will not be possible anymore. The smart-jamming select the frequency of the access point of the victim and jam only this specific frequency by sending a noise. In this scenario, the same effect of the first attack is still possible. For the best security of network, two solutions will be proposed: secure deauthentication and hopping frequency. A defensive proposition about secure deauthentication will be found in this article by using cryptographic key exchange like Diffie Hellman (DH), Elliptic Curve Diffie Hellman (ECDH) and Super Isogenies Diffie Hellman (CSIDH).