Explain the use of packet injections within the WiFi Attacks.

Asked by AndrewJenkins in SQL Server, Asked on Jan 13, 2022

What is the purpose of packet injections?  According to my research, the most common WPA/WPA2 WiFi attack requires a chipset capable of packet injection.

However I am not sure what this is, and what purpose it serves once you have the capability to inject packets.

I thought that all WiFi chipsets could send/receive data, and assumed packet injection would come under the sending protocol  - but I must be missing something as only certain cards can apparently inject packets.

Answered by Andrea Bailey

Wireless networks work in predefined modes which have specific functionality but also come with strict functional restrictions. Wireless attacks require a higher control over the lower layers of communication in order to send and receive any kind of data.


When you are in the default mode (Station Infrastructure Mode), you have to follow strict rules imposed by that mode; you can't even directly talk to a different client in default mode. So, for more control, you need Monitor mode to listen to any communication in the air. But Monitor mode (if supported by your hardware, chipset, firmware, driver, driver hack and OS wrapper) doesn't standardly allow you to send data. This is where packet injection comes in.

Packet injection means sending data while in Monitor mode because it's a passive-only mode (Source: wireless.kernel.org). Sending and receiving management and control frames is necessary for impersonating base stations and clients, and for listening to frames that are meant for specific adapters. The dreadful deauthentication frame, apart from the DoS it can cause, is the first stage in a multi-stage attack. It can be used to capture the WPA 4-way handshake or to force a user into a malicious AP, or to recover a hidden SSID, and even generate ARP frames for a WEP replay attack. So, packet injection and monitor mode are two features that provide the much-needed low-level control for attacks. And they are missing from some wireless adapters in order to restrict certain layer 2 operations for security reasons, like sniffing and spoofing frames because of poor manufacturer support, lack of open drivers, and people hacking drivers.
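A defender's view of the deauthentication frames described in the answer, as an added example that is not part of the original answer: it parses radiotap-prefixed 802.11 frames from a Monitor-mode capture and flags bursts of deauthentication frames aimed at one client. The function names, the threshold of 5 frames per 1-second window, and the MAC addresses in the sample capture are assumptions made for illustration.

```python
import struct
from collections import defaultdict

DEAUTH = (0, 12)  # 802.11 management frame (type 0), subtype 12 = deauthentication

def parse_frame(pkt):
    """Parse a radiotap-prefixed 802.11 frame as seen in Monitor mode."""
    if len(pkt) < 8:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]  # radiotap header length (little-endian)
    hdr = pkt[rt_len:rt_len + 24]                 # fixed 24-byte MAC header
    if len(hdr) < 24:
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    info = {"kind": ((hdr[0] >> 2) & 0x3, (hdr[0] >> 4) & 0xF),
            "dst": mac(hdr[4:10]), "src": mac(hdr[10:16]), "bssid": mac(hdr[16:22])}
    body = pkt[rt_len + 24:]
    if info["kind"] == DEAUTH and len(body) >= 2:
        info["reason"] = struct.unpack_from("<H", body)[0]  # deauth reason code
    return info

def detect_deauth_flood(capture, threshold=5, window=1.0):
    """Return {(claimed_src, dst): peak} where peak deauths fell within `window` seconds."""
    seen = defaultdict(list)
    for ts, raw in capture:
        f = parse_frame(raw)
        if f and f["kind"] == DEAUTH:
            seen[(f["src"], f["dst"])].append(ts)  # src is unauthenticated, may be spoofed
    alerts = {}
    for key, stamps in seen.items():
        stamps.sort()
        lo = peak = 0
        for hi, t in enumerate(stamps):
            while t - stamps[lo] > window:  # slide the window start forward
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= threshold:
            alerts[key] = peak
    return alerts

def _frame(fc0, dst, src, bssid, body=b""):
    """Build a constructed test frame: empty radiotap header + 24-byte MAC header + body."""
    rt = struct.pack("<BBHI", 0, 0, 8, 0)
    return rt + bytes([fc0, 0, 0, 0]) + dst + src + bssid + b"\x00\x00" + body

# Constructed sample capture (made-up locally administered MACs, not real traffic).
AP, STA, STA2 = (bytes.fromhex(h) for h in ("020000000001", "020000000002", "020000000003"))
SAMPLE = [(0.1 * i, _frame(0xC0, STA, AP, AP, struct.pack("<H", 7))) for i in range(8)]
SAMPLE += [(0.05, _frame(0x80, b"\xff" * 6, AP, AP)),                 # beacon, ignored
           (5.0, _frame(0xC0, AP, STA2, AP, struct.pack("<H", 3)))]  # single deauth, no alert
```

Calling `detect_deauth_flood(SAMPLE)` reports the burst of eight frames that claim to come from the AP, while the single deauthentication from the second station stays below the threshold.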


