Thursday, February 24, 2011

Wi-Fi attacks Can You Say McHacker?? Check this out.

I have a copy of the book linked below. It is well written and if possible should be purchased. Starting on page 28 of this book there is some basic descriptions of some dangers associated with network hotspots. These so called hotspots are rich targets for and attacker with some basic tools and hacking savy.
I will first point out theat the SSID of a Wi-Fi connection in no way accounts for any authentication and any one can make up a network name of McDonadls Free and sit in a Mcdonalds broadcasting this SSID. The other main consideration is that my laptop and most othere I am assuming are capable of serving as a WAP. Now that we have established those two points we can go into the scarry stuff.
In the interest of time I will fast forward to 2004 when Dino Dai Zovi and Shane Macaulay wrote and distributed a program called Karma. Karma's main advantage was that it could take on multiple probes (requests to join a network at one time) this was the fast forwarded part. In doing so it could dynamically hear the request from a potential victim and just parrot back using a MadWiFi driver a Linux program what ever the network SSID was and say sure I am so and so network you are in. Karma also has a suite of tools used to emulate common services. "If the connected client had an e-mail client running, it would probably try and connect when the network connection was established. Karma would see the pop3 request and record the login username and password. Without a second card providing a back haul to the Internet, the request would not go through but now the attacker has your password and server address.Same goes for DNS requests being redirected, Web page requests, and other common services." This was a classic Man in the Middle attack. The attacker could see and record everything from multiple users. Ouch!!
The other thing was upon network connection establishment an RSS feed would try to authenticate anolg with browsers and other services configured. This is an awesome book and this is a small sample of chapter 2. The next part shows a further evolution of Karma being mounted on a Metasploit framework which could offer DHCP services and capture even more traffic from the victims client.
This is all in a McDonalds mind you. I thought the food was dangerous. Give me a Big Mac any day over this type of headache. I have been lucky in my use of hot spots but I will be sure to make my choices very carefully in the future. I have just opened this book and have not had a lot of time to read it given the 2 online classes I am taking now. I will power through it in March. Stay safe out there friends.
Haines, B. (2010). Seven Deadliest Wireless Technologies Attacks.Amsterdam: Syngress.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.