11 ‐ Analyzing various Wi‐Fi Traffic and performing wardriving - Nifalnasar/Fundamentals-of-Network GitHub Wiki

Capture various Wi-Fi traffic as per the below instructions:

Analyse the given parameters for each of the traffic files captured.

a. Open Wi-Fi (No Password) - Personal

image

Risk:

Privacy issues, we were able to monitor all the users connected to the open source.

image

b. Wi-Fi with WPA2 – Personal (As an insider)

a. Analyse the Wi-Fi header parameters for each of the traffic files captured.

Probe Request

image

Probe Response

image

Authentication Request

image

Authentication Response

image

Association Request

image

Association Response

image

b. Capture the 4-way handshake of wpa2 and analyze the various keys transmitted during the process.

The below screenshot will give the information of 4 way handshake which has EAPOL protocol.

image

c. Wi-Fi with WPA2 – Personal (As an outsider)

b. Capture the 4-way handshake of wpa2 and analyze the various keys transmitted during the process.

As we are an outsider we will not be able to capture the handshake process.

c. After capturing the traffic as an outsider, with the available information, try to identify the Wi-Fi header details.

Beacon Frame:

image

Probe Request

image

Probe Response

image

Acknowledgement

image

Client making HTTPS request using Web Browser

image

e. Wi-Fi with WPA2 – Enterprise

a. Analyse the Wi-Fi header parameters for each of the traffic files captured.

Beacon Frame

image

Probe Response

image

Acknowledgement

image

Authentication

image

Request Identity

image

Response Identity

image

4 Way handshake

image

Start

image

f. Mark your observations on the difference between wpa2 personal and wpa2 enterprise on the protocol level using the traffic captured.

The main difference between WPA2-Personal and WPA2-Enterprise is the credentials that are used.

WPA2-Personal

image

WPA2-Enterprise

image

Perform wardriving using Wigile (Mobile application) and record your observations on various technical and sensitive details related to Wi-Fi which are available public.

3. WigleWifi.CSV.csv

We are able to see the latitude and longitude location of the Access Point. We are also able to see the Channel in which the Access Point is broadcasting the beacons. We are able to see the AuthMode and MAC address of the Access Point. The KML file was imported to Google Earth and the location of the different access points were seen in the map.

image