MITM/Wireless

From charlesreid1

Revision as of 01:46, 21 August 2016 by Admin (talk | contribs) (Created page with "==ARP Poisoning on Wifi?== Question: how does MITM attack work on wireless? ARP cache poisoning attacks can be performed even on a wireless network with WEP or WPA enabled....")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

ARP Poisoning on Wifi?

Question: how does MITM attack work on wireless?

ARP cache poisoning attacks can be performed even on a wireless network with WEP or WPA enabled. These protocols encrypt Layer 2 packets. ARP is an aspect of the IP implementation, which is Layer 3. That means ARP packets set out over a wireless network are sent using encryption common to all nodes.

Attacker performing ARP poisoning is on the (WPA) network, and so all packets sent to and from the attacker and the router and the sheep are all encrypted with the same WPA encryption. The AP accepts and forwards packets from an attacker, because they are properly encrypted with the key, forwarding them on to their destination machine. The destination machine can also decrypt the packets using the same WPA key, and the spoofed ARP mapping is read from the packet, and the ARP cache is updated.

So, yes, ARP cache poisoning can absolutely happen on a wireless network.

Retrieved from "https://charlesreid1.com/w/index.php?title=MITM/Wireless&oldid=12870"