Evil twin

Post on 18-Aug-2015

86 views 1 download

Preview:

Click to see full reader

Tags:

Report this document
SHARE

Transcript of Evil twin

EvilTwinSanoop Thomas

@s4n7h0

Null Mumbai Chapter

Agenda

• WiFi Security Evolution• How system talks in WiFi• Threats in Hotspot • EvilTwin Attacks • Countermeasures

WiFi Security – A Century Back

Source : theatlantic.com/tech.......

“There was a young fellow of Italy, who diddled the public quite prettily…”

http://www.theatlantic.com/technology/archive/2011/12/the-great-wireless-hack-of-1903/250665/

WiFi Security – A Century After

A heart defibrillator remotely controlled by a villainous hacker to trigger a fatal heart attack

Source : gao.gov/prod...

http://www.gao.gov/products/GAO-12-816

Technical Aspects

• To see the invisible..– Packet sniffer– Packet injector

• “Weapon”ising– Aircrack-ng Suite• Developed by Thomas d'Otreppe

– ALFA AWSUS036H• Provides 1 wattage • Can be extended

Life Connected with WiFi

• Hotspots– Open Authentication– Central login portal– Authentication by SMS token– May have MAC filtering

WiFi Handshake

ESSID : MyWiFiBSSID : AA:AA:AA:AA:AA:AA

ESSID : MyWiFiBSSID : BB:BB:BB:BB:BB:BB

Probe Request

Beacon/Probe ResponseESSID: MyWiFi BSSID: AA:AA:AA:AA:AA:AAESSID: MyWiFi BSSID: BB:BB:BB:BB:BB:BB

Authentication RequestBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status Code

Authentication ResponseBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status Code

Association RequestBSSID: AA:AA:AA:AA:AA:AA, Privacy info

Association ResponseBSSID: AA:AA:AA:AA:AA:AA, Status Code

Who is over there ? I’m here

Hi

Hello

Can we talk ?

Yeah, surely

WiFi Handshake – Packet View

EvilTwin

• Replica with radically inverted moralities• Can be physical or logical

Making EvilTwin with “MyWiFi”

Take a close look at real APmon0

at0

Concept of Bridge

• All mobile devices will be connected to mon0• mon0 will be connected to at0• at0 should be bridged with eth0• eth0 can connect to the internet

Bridging the Interfaces

Eavesdropping

Network Redirection

• All mobile’s internet access can be redirected to the attackers’ machine

Challenges

• The attackers’ machine is not running abc.com• Concept of proxy

Proxy interception

Information Stealing

Further Attacks on Mobile Devices

Countermeasures

• We are talking about Client Side protection • Keep a constant check on the saved WiFi

profiles• Verify WiFi Profiles with “autoconnect” enable• Make sure the mobile devices are updated

with security patches

Thanks

Top related

Twin-Twin-Twin- MMM ImpellerImpellerImpeller CIVIL ... · CA-CA(N)CA-CA(N)CA-CA(N) SeriesSeriesSeries Twin-Twin-Twin-ImpellerImpellerImpeller Centrifugal ElectricElectricElectric
 Documents
Evil Genius 1 Running Head: EVIL GENIUS - PScience · Evil Genius 1 Running Head: EVIL GENIUS . Evil Genius? How Dishonesty Can Lead to Greater Creativity . Francesca Gino . Harvard
 Documents
Cooperation in Evil Embryo Adoption?. Cooperation in Evil.
 Documents
WiFiHop - Mitigating the Evil Twin Attack through Multi-hop Detection
 Documents
See No Evil, Say No Evil: Description Generation from ...markyatskar.com/publications/StarSem2014-SeeNoEvil.pdf · See No Evil, Say No Evil: ... tive sentences from densely annotated
 Documents
Multipot A More Potent Variant of Evil Twin - DEF CON A More Potent Variant of Evil Twin ... 1 00 200 30 400 500 600 1000 ReAssociation Latency ... 8.
 Documents
Flux Dependent Non-Linearity: The Evil Twin of Persistence
 Documents
Evil and Suffering. Evil Evil: “physical pain, mental suffering and moral wickedness”(John Hick, Philosophy and Religion) Four types of evil : Natural.
 Documents
See no evil, hear no evil - BruCON 2017files.brucon.org/2017/008_Matt_Wixey_See_No_Evil.pdf · See no evil, hear no evil ... Read up on relevant laws, ... • “A closer look at
 Documents
Resident Evil 1 - Créer un blog gratuitement - …ekladata.com/tNr7c6hW9GlQuoMSip3kE8K5yoo.pdfResident Evil: Deadly Silence 56 Resident Evil: Umbrella Chronicles 56 Resident Evil:
 Documents
Evil Twin Wpa Wpa2.
 Documents
THE COPY AND ITS EVIL TWIN: THIRTEEN NOTES ON …web.mit.edu/allanmc/www/nagle.forgery.pdfTHE COPY AND ITS EVIL TWIN: THIRTEEN NOTES ON FORGERY ALEXANDER NAGEL 1. You would expect
 Documents
Twin-Turbo TWIN-TURBO POWER GUIDE Twin-Turbo Returns
 Documents
Deliver us from Evil - Anthropology of evil
 Spiritual
Hear no evil, see no evil, patch no evil: Or, how to monkey-patch safely.
 Software
Facing Your Evil Twin Victor G. Young, Jr. Department of Chemistry University of Minnesota 207 Pleasant St. S.E. Minneapolis, MN 55455 USA vyoung@umn.edu@umn.edu.
 Documents
Evil Twin vulnerabilities in Wi-Fi networks · Evil Twin vulnerabilities in Wi-Fi networks Author ... Because each group can be implemented in various ... Eduroam maintains a policy
 Documents
RISK 2008 - GNUCITIZEN · The security model of Web2.0 is represented by the grand total of every participating technology. LET'S BEGIN web2.0 issue run-down. EVIL TWIN ATTACKS. EVIL
 Documents
Research Article Exploiting Wireless Received …Research Article Exploiting Wireless Received Signal Strength Indicators to Detect Evil-Twin Attacks in Smart Homes ZhanyongTang, 1
 Documents
Ubiquitous Solr - A Database's Not-So-Evil Twin: Presented by Ayon Sinha, WalmartLabs
 Technology

Copyright © 2022 FDOCUMENTS