Jaime Blasco Blog : /Attacks/Wireless_Intrusion_Detection_Systems_Testing

Attacks: Wireless Intrusion Detection Systems Testing Tool
Thu, 07 Jan 2010

To celebrate the New Year I want to share with you a simple but useful tool I wrote some time ago.

The script generates wireless packets to emulate wireless attacks with the intention of testing wireless intrusion detection systems.

At this moment it supports the following attacks:

Send Probe-response packets with a SSID IE tag component of length 0 (WVE-2006-0064)

Floods the WLAN with disassociation packets. (WVE-2005-0046)

Floods the WLAN with deauthentication packets. (WVE-2005-0045)

Sends invalid deauthentication reason code

Sends an over-sized SSID. (WVE-2006-0071, WVE-2007-0001)

Sends airjack beacon packet. (WVE-2005-0018)

Sends an an invalid channel number in beacon frames (WVE-2006-0050)

Windows XP SP1 behaviour

To run the tool you need Scapy.

Source Code

You can use the tool to test that your Ossim wireless sensor with Kismet works as you expect:

posted at: 19:48 | path: /Attacks | permanent link to this entry | 0 comments | wireless ids,wids,attacks,wireless security, wireless attacks, wve, Wireless Vulnerabilities and Exploits

Categories

/ (32)
    Attacks/ (2)
    Exploits/ (1)
    General/ (3)
    Lua/ (1)
    Malware/ (2)
    Nessus/ (6)
        cisco/ (1)
        plugins/ (3)
    Ossim/ (9)
    Scada Security/ (1)
    Security Visualization/ (6)
        Malware/ (2)
    Vulnerability Management/ (1)

Jaime Blasco
(feel free to get in touch)

Friend's blogs:

Lecture...

< January 2010 >

Mo Tu We Th Fr Sa Su

1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31