Automation of MitM Attack on Wi-Fi Networks

  • Conference paper

Abstract

Security mechanisms of wireless technologies often suffer from weaknesses that can be exploited to perform Man-in-the-Middle (MitM) attacks, allowing an attacker to eavesdrop on or spoof network communication. This paper focuses on the possibilities for automating these types of attacks using tools that are already available for specific tasks. The outputs of this research are the wifimitm Python package and the wifimitmcli CLI tool, both implemented in Python. The package provides functionality for automating MitM attacks and can be used by other software. The wifimitmcli tool is an example of such software; it can automatically perform multiple MitM attack scenarios without any intervention from an investigator.

The results of this research are intended to be used for automated penetration testing and to help with forensic investigation. Finally, publicizing the fact that such severe attacks can be easily automated can help raise public awareness about information security.

Notes

  1. Internet Service Provider.

  2. Asus RT-AC5300 – Merlin WRT has an option to tunnel all traffic through Tor.

  3. http://www.wifileaks.cz/statistika/

  4. https://www.renderlab.net/projects/WPA-tables/

  5. https://code.google.com/archive/p/reaver-wps/

  6. https://haxx.in/upc-wifi/

  7. UPC company is a major ISP in the Czech Republic, URL: https://www.upc.cz

  8. http://www.aircrack-ng.org/

  9. https://github.com/sophron/wifiphisher

  10. https://www.archlinux.org/packages/core/any/netctl/

  11. https://github.com/byt3bl33d3r/MITMf

  12. https://www.wireshark.org/docs/man-pages/dumpcap.html

  13. https://www.wireshark.org/

  14. https://www.archlinux.org/

  15. For details concerning individual phishing scenarios, please see wifiphisher’s website: https://github.com/sophron/wifiphisher

  16. Stream of bits generated by the Pseudo Random Generation Algorithm.

  17. Small office/home office.

Author information

Corresponding author

Correspondence to Martin Vondráček.

Copyright information

© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Vondráček, M., Pluskal, J., Ryšavý, O. (2018). Automation of MitM Attack on Wi-Fi Networks. In: Matoušek, P., Schmiedecker, M. (eds) Digital Forensics and Cyber Crime. ICDF2C 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 216. Springer, Cham. https://doi.org/10.1007/978-3-319-73697-6_16

  • DOI: https://doi.org/10.1007/978-3-319-73697-6_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-73696-9

  • Online ISBN: 978-3-319-73697-6

  • eBook Packages: Computer Science, Computer Science (R0)
