A penetration tester is performing an assessment for an organization and must gather valid user credentials. Which of the following attacks would be best for the tester to use to achieve this objective?
Deauthentication attacks can force legitimate users to disconnect from a wireless network, prompting them to reconnect and, in the process, capture valid user credentials using a rogue access point or network monitoring tools.
Details:
A. Wardriving: Involves driving around to discover wireless networks; it does not directly gather user credentials.
B. Captive portal: Requires users to log in but is not an attack method; it is a legitimate method to control network access.
C. Deauthentication: Forces users to reauthenticate, allowing an attacker to capture credentials during the reconnection process.
D. Impersonation: Involves pretending to be someone else to gain access but is less effective for directly capturing user credentials compared to deauthentication.
References: Deauthentication attacks are well-documented in wireless security assessments and penetration testing guides.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit