無線黑客傻瓜書 (Wireless Hacking for Dummies)

《無線黑客傻瓜書》 is a book published by nohack in 2009. Its author is 楊哲 (Yang Zhe).

Contents

Part 0: Kindergarten

Volume 1: Wireless Basics Primer

1.1 What is a wireless network

1.1.1 Wireless networks in the narrow sense

1.1.2 Wireless networks in the broad sense

1.2 The booming wireless city

1.3 The development of wireless security and hacking techniques

Volume 2: Common Wireless Network Equipment

2.1 Getting to know wireless routers

2.2 Understanding wireless network cards

2.3 A closer look at antennas

2.4 Other

Volume 3: Building Your Own Wireless Network

3.1 WEP basics

3.1.1 About WEP

3.1.2 WEP and its vulnerabilities

3.1.3 Improvements to WEP

3.2 WEP encryption setup and connection

3.2.1 Configuring the wireless router

3.2.2 Client setup on Windows

3.2.3 Client setup on Linux

3.3 WPA basics

3.3.1 Introduction to WPA

3.3.2 Types of WPA

3.3.3 Improvements in WPA

3.3.4 Introduction to WPA 2

3.3.5 Security issues facing WPA

3.3.6 WPA2 support on Windows

3.4 WPA-PSK encryption setup and connection

3.4.1 Configuring the wireless router

3.4.2 Client setup on Windows

3.4.3 Client setup on Linux

Volume 4: Preparing the Wireless Hacking Environment

4.1 A suitable wireless network card

4.1.1 Choosing a wireless network card

4.1.2 Wireless network card chipsets

4.1.3 Summary

4.2 Essential operating systems

4.2.1 BackTrack4 Linux

4.2.2 Slitaz Aircrack-ng Live CD

4.2.3 WiFiSlax

4.2.4 WiFiWay

4.2.5 Other Live CDs

4.3 Building a wireless attack-and-defense test environment in a VMware virtual machine

4.3.1 Creating a new virtual machine for wireless attack-and-defense testing

4.3.2 Basic configuration of the wireless attack-and-defense test virtual machine

4.3.3 Getting to know your wireless attack-and-defense test environment, BT4

4.4 Building a USB flash drive version of the wireless attack-and-defense environment

Part 1: Primary School

Volume 5: Defeating WEP Encryption

5.1 What to know before cracking

5.2 The WEP cracking tool: Aircrack-ng

5.2.1 What is Aircrack-ng

5.2.2 Installing Aircrack-ng the easy way

5.3 Cracking WEP encryption under BT4

5.3.1 Cracking WEP encryption in practice

5.3.2 Summary of common WEP cracking problems

5.4 The fully automatic foolproof tool SpoonWEP2

5.4.1 The SpoonWEP variants

5.4.2 SpoonWEP2 in practice

Volume 6: Defeating WPA-PSK Encryption

6.1 The second "what to know before cracking"

6.2 The WPA cracking tool: Cowpatty

6.2.1 What is Cowpatty

6.2.2 Installing Cowpatty the easy way

6.3 Cracking WPA-PSK encryption under BT4

6.3.1 Cracking WPA-PSK encryption in practice

6.3.2 Cracking WPA-PSK encryption with Cowpatty

6.3.3 Summary of common WPA-PSK cracking problems

6.4 The fully automatic foolproof tool SpoonWPA

Volume 7: Do It Yourself: Building a Dedicated Cracking Dictionary

7.1 Building a dedicated cracking dictionary

7.2 Default dictionary locations in BackTrack2/3/4

7.3 How to upload dictionaries to Linux

Volume 8: Must-Learn Skills for Leveling Up

8.1 Bypassing MAC address filtering

8.1.1 What is MAC address filtering

8.1.2 Let's bypass MAC address filtering

8.1.3 How to defend?

8.2 Cracking wireless networks with the SSID turned off

8.3 No longer relying on DHCP

Part 2: Secondary School

Volume 9: I Am Quietly Watching You

9.1 Capturing and decoding encrypted wireless data

9.1.1 Capturing encrypted wireless data

9.1.2 Decrypting captured encrypted wireless packets

9.2 Analyzing MSN/QQ/Yahoo chat data

9.3 Analyzing Email/forum account names and passwords

9.4 Analyzing web interaction data

9.4.1 Sites currently being visited

9.4.2 Identifying the current antivirus software version

9.4.3 Identifying the current operating system

9.4.4 Identifying current network devices

9.5 Side story: If I'm not at the café, I'm on my way to the café

Volume 10: The Thrill of Penetration

10.1 Scanning comes first

10.1.1 NMAP & Zenmap

10.1.2 AMAP

10.1.3 Nbtscan

10.1.4 DNS Walk

10.2 Password cracking

10.2.1 Hydra

10.2.2 BruteSSH

10.3 Buffer overflows (Metasploit3)

10.3.1 About Metasploit3

10.3.2 Upgrading Metasploit3

10.3.3 Metasploit3 hands-on practice

Volume 11: Wireless D.O.S: Kicked Offline Without Seeing It Coming

11.1 What is wireless D.O.S

11.2 Installing wireless D.O.S tools

11.2.1 A brief look at MDK 3

11.2.2 The graphical wireless D.O.S tool: Charon

11.2.3 Using D.O.S attack tools

11.3 Wireless D.O.S goes wild

11.3.1 Wireless connection authentication and client states

11.3.2 Auth Flood attack

11.3.3 Deauth Flood attack

11.3.4 Association Flood attack

11.3.5 Disassociation Flood attack

11.3.6 RF Jamming attack

Part 3: University

Volume 12: Speed: The Difference Between Professional and Amateur

12.1 What is high-speed WPA-PSK cracking

12.2 Speeding up WPA-PSK cracking in practice

12.2.1 Revisiting the Cowpatty suite

12.2.2 Creating WPA hashes with genpmk

12.3 A first taste of WPA PMK hashes

12.3.1 Using hashes for WPA cracking

12.3.2 Comparison of test data

12.4 A faster method: GPU

12.4.1 About GPUs

12.4.2 The GPU programming language CUDA

12.4.3 Application and development of GPUs in the security field

12.4.4 Using GPU technology for cracking

12.5 EWSA, which has to be mentioned

12.5.1 Preparing to use EWSA

12.5.2 Cracking WPA-PSK with EWSA

12.5.3 Solutions for an unregistered EWSA

12.6 Another option: distributed cracking

12.6.1 About distributed computing

12.6.2 First public beta round of distributed wireless WPA cracking

12.6.3 The significance of joining the distributed effort

Volume 13: How Shadow Clones Are Made

13.1 Faking an AP is not hard

13.1.1 Masquerading as a legitimate AP

13.1.2 Maliciously creating large numbers of fake AP signals

13.2 Searching for and discovering fake APs

13.3 Adding a shield to the fake clone

Volume 14: Clientless Cracking: A Sensitive Shortcut

14.1 What is clientless

14.1.1 The definition of clientless

14.1.2 About clientless cracking

14.2 Clientless cracking, round one: the Chopchop attack

14.3 Clientless cracking, round two: the Fragment attack

Part 4: Graduate School

Volume 15: War-Driving

15.1 What is War-Driving

15.1.1 The concept of War-Driving

15.1.2 Understanding hotspot maps

15.1.3 War-Driving tools and their installation

15.2 War-Driving in the city

15.2.1 About WiFiForm

15.2.2 WiFiForm + GPS detection

15.3 A guide to drawing hotspot maps

15.3.1 Drawing a hotspot map

15.3.2 An operator's internal wireless hotspot map

15.3.3 Wireless hotspot map of a domestic airport

15.3.4 Wireless hotspot map of a busy district in a provincial capital

15.4 Some cases

15.4.1 Principles of remote wireless attacks

15.4.2 Real cases

Volume 16: Bluetooth: More Dangerous Because It Is Invisible

16.1 Bluetooth is everywhere

16.1.1 What is Bluetooth?

16.1.2 Bluetooth architecture and related terminology

16.1.3 Choosing a Bluetooth adapter

16.1.4 Installing Bluetooth (driver) tools

16.1.5 Bluetooth device pairing

16.2 Playing with Bluetooth hacking

16.2.1 Identifying and activating Bluetooth devices

16.2.2 Viewing Bluetooth device information

16.2.3 Scanning for Bluetooth devices

16.2.4 Bluetooth printing

16.2.5 Bluetooth attacks

16.2.6 Changing the Bluetooth device address

16.3 Destruction: Bluetooth D.O.S

16.3.1 Bluetooth D.O.S in practice

16.3.2 Problems encountered with Bluetooth D.O.S

16.4 Cracking invisible Bluetooth devices

16.4.1 What does invisible mean?

16.4.2 About Redfang

16.4.3 Cracking with Redfang

16.4.4 Other

Volume 17: More Fun Things to Play With

17.1 Wifizoo

17.1.1 About Wifizoo

17.1.2 Installing Wifizoo

17.1.3 How to use Wifizoo

17.2 Wireless attack pivots

17.2.1 About wireless pivots

17.2.2 Airserv-ng+Fpipe

17.2.3 Wireless pivots in practice

Epilogue: Some thoughts on "ceng"

Appendices:

A. Wireless network card chipset list

B. Chinese laws and regulations related to computer security

C. Introduction to the 《黑客手冊》 special-edition Backtrack 4 Linux DVD included with this book

Disc contents
