Wireless Penetration Testing

A wireless penetration test will expose the weaknesses in your organisation’s established wireless infrastructure, users mobile phones, and wireless devices with privileged access to your organisations information.

There is little value in knowing the wireless coverage of your organisations network due to the possibility to overcome those distances through the use of specialised wireless antennas intended to operate at extended distances. Centurion demonstrates to your organisation real world attacks on wireless networks to discover meaningful changes that can be adopted to improve the wireless security and overall network security within the organisation.

At Centurion our capabilities extend beyond cracking WEP and WPA passphrases on GPU clusters, and breaking into wireless networks with the equivalent security of a typical home network. The adoption and acceptance of users bringing their own mobile devices to work has often lead to their Active Directory credentials being stored in devices that are unable to adequately protect such critical information. For that reason, Centurions approach to wireless penetration testing involves targeting the wireless infrastructure and the wireless devices in use by the organisations users.

We establish wireless access points configured with WPA2 Enterprise (802.1x) security and the ability to spoof any wireless network previously connected to by the users device. This allows us to trick wireless devices to connect to us and uncover the organisations information stored within and transmitted by their device. Using this technique we are able to capture the users Active Directory or RADIUS credentials which can be used to gain access to the organisations wireless network.

Once a wireless device is connected to our network we are then able to apply aspects of our network penetration testing methodology to capture credentials and any confidential information sent by the wireless device. Typical mobile device management solutions and email applications on a mobile phones are often configured without strict validation of TLS/SSL certificates to prevent exposing the users email and Active Directory credentials during a man in the middle attack.

An important aspect of any wireless network is to have adequate segregation between the wireless network and the organisations wired network. This is especially important when the organisation provides a guest network for temporary Internet access for visitors. Centurion helps your organisation identify vulnerabilities in network segregation with demonstrated business risk and provides actionable advice to address the identified vulnerabilities.