Advanced WiFi Penetration Test — by Chai Kunzhe & Yang Yunfei
#IICSG2018 Conference Workshop Track
Day 1 (24 May 2018)
@ Bras Basah Room
We will take an in-depth look at the security challenges of wireless technologies, exposing you to wireless security threats through the eyes of an attacker. Knowing how to attack will help us to establish the appropriate protection strategy.
This workshop will instruct attendees on how to carry out wireless pentest against personal and enterprise network. You will learn how to gain access to WPA2 personal and enterprise network, bypass captive portals, and build a phishing WiFi network. You will experience why it is so easy to attack enterprise over the WiFi network.
In addition, we will introduce researches done by Qihoo 360 PegasusTeam in the last few years. These will include a wireless threat perception system, an anti-drone system, a portable WiFi attack and defence platform, and GhostTunnel — a wireless backdoor way using out-of-band data transmission.
WiFi Security Basics
Basic Wireless Attacks
Cracking WEP, WPA/WPA2 Personal
Cracking the WPS PIN
Bypassing Authentication — Captive Portal, MAC Filtering
Getting Passwords from WiFi Password Sharing APP
Advanced Wireless Attacks Against Enterprise Network
Using Evil Twin Attacks to Attack WPA2-PEAP Network
Gaining Entry by Attacking Employees' Self-built WiFi Network
WiFi Phishing with Captive Portal
PegasusTeam's Wireless Security Researches
A Wireless Threat Perception System
An Anti-Drone System Based on 802.11
A Portable WiFi Attack & Defence Platform
GhostTunnel — A Wireless Backdoor Way Using Out-of-Band Data Transmission
Previous wireless security background is helpful but not required.
What to Bring
Attendees will be required to bring their own laptops with Kali Linux (or running in virtualisation software such as VMware or VirtualBox)
A TP-Link WN722N V1 external wireless interface per student
About Chai Kunzhe
Chai Kunzhe (Hacker Handle: sweeper) is the leader of the PegasusTeam at Radio Security Research Department of 360 Technology. He is responsible for the wireless security of 360 Technology, inventor of SkyScan (Tianxun) Wireless Intrusion Prevention System (WIPS), and one of the authors of the Chinese wireless security product standard documents. He is also the inventor of the first fake/rogue base station defence system.
About Yang Yunfei
Yang Yunfei (@qingxp9) is currently a wireless security researcher in the PegasusTeam of 360 Technology. He focuses on WLAN security research, wireless offensive and defensive product development. He is a guest lecturer at Northeastern University. He made serial presentations about WiFi hacking, UAV security on KCon, HITCON, FIT, CCF YOCSEF, DEFCON Group 010, etc.