Wifi - Hacking Lab

Table Of Contents

• Recon

  • 01. What is the channel that the wifi-global Access Point (AP) is currently using?

  • 02. What is the MAC of the wifi-IT client?

  • 03. What is the probe of 78:C1:A7:BF:72:46 that follows the format of the other networks in the range (wifi-)?

  • 04. What is the ESSID of the hidden AP (mac F0:9F:C2:6A:88:26)?

• OPN

  • 05. What is the flag in the hidden AP router behind default credentials?

  • 06. What is the flag on the AP router of the wifi-guest network?

• WEP

  • 07. Get wifi-old password

• PSK

  • 08. What is the wifi-mobile AP password?

  • 09. What is the IP of the web server in the wifi-mobile network?

  • 10. what is the flag after login in wifi-mobile?

  • 11. Is there client isolation in the wifi-mobile network?

  • 12. What is the wifi-office password?

• SAE WPA3

  • 13. What is the wifi-management password?

  • 14. What is the wifi-IT password?

• MGT Recon

  • 15. What is the domain of the users of the wifi-regional network?

  • 16. What is the email address of the server certificate?

  • 17. What is the EAP method supported by the wifi-global AP?

• MGT

  • 18. What is juan’s wifi-corp password?

  • 19. What is CONTOSO\test password in wifi-corp?

  • 20. Which is the user (with domain) with password 12345678 in wifi-corp?

  • 21. What is the flag on the wifi-regional-tablets AP?

  • 22. What is the flag on the wifi-regional AP?

  • 23. What is the password of the user vulnerable to RogueAP of wifi-global?

  • 24. What is the flag after login in wifi-regional when logging in with the credentials obtained in the previous step?

  • 25. What is the password of the wifi-corp Administrator?

  • 26. What is the flag found on the wifi-global AP?

• WIDS - Nzyme

  • 27. What is the MAC of the first detected attacker in Nzyme?

Misc Resources