🌟Investigation of the possibilities of interception and modification of network packets using Wi-Fi sniffer🌟
Abstract
👉This work is devoted to the study of methods of interception and analysis of network traffic of IEEE 802.11 wireless networks using specialized software tools of the Wi-Fi Sniffer Packs class. The main goal is to identify the possibility of replacing the packets coming from the client with our own, sent directly to the access point (router). To achieve this goal, a theoretical analysis of the mechanisms of modern wireless communication protocols, testing of existing solutions and the development of a prototype of a packet interception and manipulation system were carried out.
Introduction
👉IEEE 802.11 networks have become widespread due to the convenience of organizing remote user access to local area network resources and the Internet. However, these networks have a number of vulnerabilities due to the specifics of the implementation of the data transfer mechanism and cryptographic protection. One of the actual areas of research is the study of technologies that allow unauthorized access to transmitted data by interception and subsequent modification of packets circulating between clients and the access point (AP).
Research methods
The study was carried out in stages and included the following steps:
☑️Stage 1. Theoretical substantiation
At this stage, a detailed analysis of the IEEE 802.11 protocol, the features of client interaction and access points, the encryption modes used (WEP/WPA/WPA2/WPA3) and authentication processes were carried out. Particular attention is paid to the mechanisms of data frame formation and control, specific for this type of connections.
☑️Stage 2. Analysis of existing tools
Popular wireless network monitoring and analysis tools were studied, such as Aircrack-ng, Kismet, Wifiphisher and others. A comparative analysis of the functionality of each tool was carried out, including the possibilities of passive and active interception, Man-in-the-Middle (MITM) attacks, as well as identifying the limitations and shortcomings of existing approaches.
☑️Stage 3. Development of the concept of interception and replacement of packages
An approach was proposed that allows for active intervention in the data transfer process between the client and the AP. Conceptually, the system consists of three main components:
Client device detection module and access point,
Tool for intercepting frames and storing them in the buffer,
Algorithm for checking and changing the contents of intercepted packets before sending them back to the air.
☑️Step 4. Implementation of the experimental system
Based on the developed concept, an experimental system was created, implemented on the Linux platform using Airmon-ng and Tcpdump software. The system is able to function in real time, intercepting packets and replacing certain fields, such as source and destination MAC addresses, IP packets, TCP header fields and packet payload.
☑️Stage 5. Testing and evaluation of effectiveness
The conducted experiments showed the high efficiency of the proposed methodology when working with open and weakly protected networks. In particular, it was possible to successfully intercept and change the content of HTTP requests, carry out MITM attacks and achieve full control over the data flow. The test results confirmed the operability of the method even under conditions of moderate load on the network.
Conclusion
👉The results obtained allow us to conclude that it is expedient to further develop Wi-Fi Sniffer Packs technology to improve the level of information security of wireless networks. The developed method opens up new prospects in the field of studying the weaknesses of modern equipment and allows you to create protective mechanisms aimed at preventing such threats. The proposed concept has significant potential for implementation in existing information security systems, providing an additional degree of confidence in the integrity and confidentiality of the transmitted data.
Telegram: @ trafolog
Abstract
👉This work is devoted to the study of methods of interception and analysis of network traffic of IEEE 802.11 wireless networks using specialized software tools of the Wi-Fi Sniffer Packs class. The main goal is to identify the possibility of replacing the packets coming from the client with our own, sent directly to the access point (router). To achieve this goal, a theoretical analysis of the mechanisms of modern wireless communication protocols, testing of existing solutions and the development of a prototype of a packet interception and manipulation system were carried out.
Introduction
👉IEEE 802.11 networks have become widespread due to the convenience of organizing remote user access to local area network resources and the Internet. However, these networks have a number of vulnerabilities due to the specifics of the implementation of the data transfer mechanism and cryptographic protection. One of the actual areas of research is the study of technologies that allow unauthorized access to transmitted data by interception and subsequent modification of packets circulating between clients and the access point (AP).
Research methods
The study was carried out in stages and included the following steps:
☑️Stage 1. Theoretical substantiation
At this stage, a detailed analysis of the IEEE 802.11 protocol, the features of client interaction and access points, the encryption modes used (WEP/WPA/WPA2/WPA3) and authentication processes were carried out. Particular attention is paid to the mechanisms of data frame formation and control, specific for this type of connections.
☑️Stage 2. Analysis of existing tools
Popular wireless network monitoring and analysis tools were studied, such as Aircrack-ng, Kismet, Wifiphisher and others. A comparative analysis of the functionality of each tool was carried out, including the possibilities of passive and active interception, Man-in-the-Middle (MITM) attacks, as well as identifying the limitations and shortcomings of existing approaches.
☑️Stage 3. Development of the concept of interception and replacement of packages
An approach was proposed that allows for active intervention in the data transfer process between the client and the AP. Conceptually, the system consists of three main components:
Client device detection module and access point,
Tool for intercepting frames and storing them in the buffer,
Algorithm for checking and changing the contents of intercepted packets before sending them back to the air.
☑️Step 4. Implementation of the experimental system
Based on the developed concept, an experimental system was created, implemented on the Linux platform using Airmon-ng and Tcpdump software. The system is able to function in real time, intercepting packets and replacing certain fields, such as source and destination MAC addresses, IP packets, TCP header fields and packet payload.
☑️Stage 5. Testing and evaluation of effectiveness
The conducted experiments showed the high efficiency of the proposed methodology when working with open and weakly protected networks. In particular, it was possible to successfully intercept and change the content of HTTP requests, carry out MITM attacks and achieve full control over the data flow. The test results confirmed the operability of the method even under conditions of moderate load on the network.
Conclusion
👉The results obtained allow us to conclude that it is expedient to further develop Wi-Fi Sniffer Packs technology to improve the level of information security of wireless networks. The developed method opens up new prospects in the field of studying the weaknesses of modern equipment and allows you to create protective mechanisms aimed at preventing such threats. The proposed concept has significant potential for implementation in existing information security systems, providing an additional degree of confidence in the integrity and confidentiality of the transmitted data.
Telegram: @ trafolog
