Wednesday, 5 June 2013

Wireless Part 5

Hey all, welcome back to part 5 of my wireless hacking set. Last week we looked at breaking WEP, so today I thought I would show how the handshake works. Handshakes are key: they are the agreement and connection between the AP and the client. Without them there would be no connection at all.

Ethernet Frames

The first important thing to understand is the Ethernet frame. An Ethernet frame (this is the wired 802.3 / Ethernet II layout; 802.11 wireless frames use a different header with up to four address fields, but the same ideas apply) has a number of sections.
  • Preamble

    This is 7 bytes of alternating 1s and 0s, used by the receiver for bit synchronization. Together with the start frame delimiter it is consumed by the NIC, so you will not see it in a packet capture.
  • Start frame delimiter

    A single byte (10101011) that marks the start of the frame proper; the very next byte is the first byte of the destination address.
  • Destination Address

    48 bits, the MAC address of the device the frame is meant for on the local link. Switches and NICs use it to decide which port or host should accept the frame. It is a link-layer address, so a router rewrites it at every hop rather than using it to find the final destination; that job belongs to the IP address inside the data.
  • Source address

    48 bits, the MAC address of the sender, so the recipient knows whom to reply to. Note that Ethernet itself sends no error reports back to the source: a corrupted frame is simply dropped on receipt, and noticing the loss and retransmitting is left to higher layers such as TCP.
  • Length/Ethernet Type

    This two-byte field does double duty. A value of 1536 (0x0600) or more is an EtherType identifying the protocol in the data section of an Ethernet II frame, for example 0x0800 for IPv4, 0x0806 for ARP or 0x888E for the EAPOL frames that carry the WPA handshake. A value of 1500 or less is the length of the data section in an IEEE 802.3 frame.
  • Data

    Exactly what it sounds like: the data being carried, 46 to 1500 bytes. For the WEP traffic we talked about over the last few weeks, the equivalent body of an 802.11 data frame is the WEP packet we spoke of, the IV followed by the ciphertext.
  • Padding

    For reasons related to CSMA/CD (a frame has to stay on the wire long enough for collisions to be detected; I won't get into it today), a frame must be at least 64 bytes counted from the destination address through the checksum. If the data field is shorter than 46 bytes, zero padding is added after it so the frame meets that minimum length.
  • Checksum

    The checksum, properly the frame check sequence (FCS), is a 32-bit CRC computed over everything from the destination address to the end of the data. The receiver recomputes it and drops the frame on a mismatch, which catches 1s that turned into 0s and vice versa in transit. It is not a one-way function and contains no secret, so anyone who can alter the frame can just recompute it: a CRC protects against noise, not against tampering. (WEP's ICV is the same CRC-32, which is one of the reasons WEP frames can be modified without the key.)
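
As an added example (not code from the original post), here is a small Python builder and parser for the frame layout above. It starts at the destination address because the NIC strips the preamble and SFD; the MAC addresses and payload are constructed sample values. Besides splitting out the fields and telling an EtherType apart from an 802.3 length, it checks the CRC-32 FCS and shows the difference between a bit flipped by noise, which the FCS catches, and a bit flipped by an attacker who recomputes the FCS, which it does not.

```python
import struct
import zlib

# A frame as the host sees it: the NIC consumes the 7-byte preamble and the
# SFD, so a captured frame begins at the destination MAC address.
MIN_PAYLOAD = 46         # 14-byte header + 46-byte data + 4-byte FCS = 64 bytes
MAX_PAYLOAD = 1500
ETHERTYPE_MIN = 0x0600   # >= 0x0600 is an EtherType (Ethernet II), <= 1500 a length (802.3)

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x888E: "EAPOL"}


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def fcs_of(body):
    # The FCS is CRC-32 over dst..data, sent least-significant byte first.
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, type_or_len, payload):
    """Assemble dst, src, type/length, zero-padded data and FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds %d bytes" % MAX_PAYLOAD)
    body = dst + src + struct.pack("!H", type_or_len) + payload.ljust(MIN_PAYLOAD, b"\x00")
    return body + fcs_of(body)


def parse_frame(frame):
    """Split a frame into its fields and verify the FCS."""
    if len(frame) < 64:
        raise ValueError("runt frame: %d bytes" % len(frame))
    body, fcs = frame[:-4], frame[-4:]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    if type_or_len >= ETHERTYPE_MIN:
        kind = ETHERTYPES.get(type_or_len, "EtherType 0x%04x" % type_or_len)
        data = body[14:]                      # no length field: padding looks like data
    else:
        kind = "802.3 length %d" % type_or_len
        data = body[14:14 + type_or_len]      # the length tells us where padding starts
    return {"dst": mac_str(body[0:6]), "src": mac_str(body[6:12]), "type": kind,
            "data": data, "fcs_ok": fcs == fcs_of(body)}


def corrupt(frame, byte_index, mask=0x01):
    """Flip bits the way line noise would; the receiver's FCS check fails."""
    out = bytearray(frame)
    out[byte_index] ^= mask
    return bytes(out)


def tamper(frame, byte_index, mask=0x01):
    """Flip the same bits but recompute the FCS, as anyone on the path can.
    A CRC has no secret in it, so it detects accidents, not attackers."""
    body = bytearray(frame[:-4])
    body[byte_index] ^= mask
    return bytes(body) + fcs_of(bytes(body))


# Constructed sample: an Ethernet II frame carrying 10 bytes of "IPv4" data.
DST = bytes.fromhex("001122334455")
SRC = bytes.fromhex("66778899aabb")
SAMPLE = build_frame(DST, SRC, 0x0800, b"hello, lan")

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
    print("noise detected:", not parse_frame(corrupt(SAMPLE, 20))["fcs_ok"])
    print("tampering detected:", not parse_frame(tamper(SAMPLE, 20))["fcs_ok"])
```

`zlib.crc32` is the same reflected CRC-32 polynomial that Ethernet uses for the FCS, so the check here is the real one and not a stand-in. The 10-byte sample gets padded to 46 bytes, which is why the built frame lands on exactly 64 bytes; the 802.3 branch of `parse_frame` can strip that padding again because the length field tells it where the data ends, while the Ethernet II branch cannot.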


The flags I'm about to use, SYN, ACK, RST and FIN, are not part of the Ethernet header at all. They live in the TCP header, which sits inside the data field (after the IP header). Each one is a single bit in the TCP header's flags byte, a 1 or a 0 meaning yes or no. Today we will focus on SYN and ACK.

The basic TCP handshake

SYN is short for synchronize and ACK for acknowledge.

The 3-way TCP handshake is very simple, so I am covering it first, and it is the basis I used to learn the 4-way handshake (bearing in mind that the WPA 4-way handshake is not TCP at all: it is carried in EAPOL frames at the link layer and exchanges nonces, not sequence numbers). The basis of the handshake is as follows:
SYN (client to server, carrying the client's initial sequence number)
SYN,ACK (server to client, carrying the server's own initial sequence number and acknowledging the client's)
ACK (client to server, acknowledging the server's sequence number)

All this is is an ask, a reply, and an acknowledgement that the reply has been received. Each acknowledgement is the other side's sequence number plus one, so each side proves it actually saw the other's message; that is why you cannot complete a handshake from a spoofed address without either seeing the reply or guessing the sequence number.
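
The three messages above as bytes, in an added example written for this post rather than taken from it. Each step builds a minimal 20-byte TCP header (ports 40000 and 443 and the initial sequence numbers are constructed values; the checksum field is left at zero because computing it needs the IP pseudo-header), parses the flags byte back out, and applies the check the receiver makes: an ACK is only accepted if it acknowledges the sender's sequence number plus one. The last function shows why that check matters: an off-path attacker who never saw the SYN,ACK has to guess the server's sequence number.

```python
import struct

# Flag bits in the flags byte (offset 13) of the TCP header.
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
FLAG_NAMES = (("FIN", FIN), ("SYN", SYN), ("RST", RST), ("PSH", PSH), ("ACK", ACK))
SEQ_MASK = 0xFFFFFFFF    # sequence numbers wrap at 2^32


def build_tcp_header(sport, dport, seq, ack, flags, window=65535):
    """Minimal 20-byte TCP header with no options. The checksum is left at
    zero: computing it needs the IP pseudo-header, which is outside this example."""
    data_offset = 5 << 4  # five 32-bit words, upper nibble of byte 12
    return struct.pack("!HHIIBBHHH", sport, dport, seq & SEQ_MASK, ack & SEQ_MASK,
                       data_offset, flags, window, 0, 0)


def parse_tcp_header(raw):
    sport, dport, seq, ack, _off, flags, _win, _csum, _urg = struct.unpack("!HHIIBBHHH", raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": [name for name, bit in FLAG_NAMES if flags & bit]}


def ack_ok(header, sent_seq):
    """Receiver-side check: accept only an ACK for the byte after what we sent."""
    return "ACK" in header["flags"] and header["ack"] == (sent_seq + 1) & SEQ_MASK


def three_way_handshake(client_isn, server_isn, sport=40000, dport=443):
    """Run the SYN / SYN,ACK / ACK exchange and return the three parsed headers."""
    # 1. client -> server: SYN, seq = client ISN, ack field unused
    syn = parse_tcp_header(build_tcp_header(sport, dport, client_isn, 0, SYN))
    # 2. server -> client: SYN,ACK, seq = server ISN, ack = client ISN + 1
    synack = parse_tcp_header(build_tcp_header(dport, sport, server_isn, syn["seq"] + 1, SYN | ACK))
    if not ack_ok(synack, client_isn):
        raise ValueError("client drops SYN,ACK: it does not acknowledge our SYN")
    # 3. client -> server: ACK, seq = client ISN + 1, ack = server ISN + 1
    ack = parse_tcp_header(build_tcp_header(sport, dport, client_isn + 1, synack["seq"] + 1, ACK))
    if not ack_ok(ack, server_isn):
        raise ValueError("server drops ACK: it does not acknowledge our SYN,ACK")
    return [syn, synack, ack]


def blind_spoof_completes(server_isn, guessed_isn, client_isn=1000):
    """An off-path attacker spoofing the client never sees the SYN,ACK, so the
    final ACK has to carry a guessed server ISN. The server accepts it only if
    the guess was right, which is why ISNs must be unpredictable."""
    forged = parse_tcp_header(build_tcp_header(40000, 443, client_isn + 1, guessed_isn + 1, ACK))
    return ack_ok(forged, server_isn)


if __name__ == "__main__":
    for h in three_way_handshake(client_isn=1000, server_isn=5000):
        print("%5d -> %5d  %-8s seq=%d ack=%d" % (h["sport"], h["dport"],
                                                   ",".join(h["flags"]), h["seq"], h["ack"]))
    print("blind spoof with wrong ISN guess accepted:", blind_spoof_completes(5000, 4999))
```

Run it and you get the three lines of the handshake with the sequence and acknowledgement numbers filled in, followed by `False` for the forged ACK. Sequence numbers are masked to 32 bits everywhere so the exchange still works when an ISN sits at 0xFFFFFFFF and wraps to 0.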

I'm going to leave this here for this week as I am extremely tired from doing my CBT earlier today (British compulsory bike training, so I can get a motorbike, which of course will have a Yagi antenna strapped to it for a bit of war driving :) ).
-Spectr3
