Wi-Fi Vulnerabilities

Summary

Excerpt From Introduction to Wireless Threat Intelligence Webinar/
Learn about Wi-Fi vulnerabilities from CTO Dr. Brett Walkenhorst /
By keeping an eye on Wi-Fi packets, hackers can obtain useful information for things like password cracking and denial-of-service assaults. An especially intriguing subtype is the evil twin assault, in which perpetrators pose as a reliable network in order to deceive targets into connecting, then take advantage of that connection. Hacker gadgets, such Wi-Fi USB rubber duckies, Wi-Fi pineapples, and OMG cables, are sold as pen testing equipment but are actually utilized by shady characters.

Video Transcript

For Wi Fi, there are a number of categories that are of interest just by monitoring the wifi packets in an area, attackers can get a lot of interesting information. They may even be able to crack credentials based on what they they sniff They might even be able to do souping directly if there's an open network nearby.

Denilous service is a common one, but typically leads to other types of attacks. One of the most common approaches that people will take with WiFi is to instantiate, well, to set up rogue access points to do any number of things, but One of the more interesting subsets of that attack is an evil twin attack in which we're trying to emulate a known network that a client trusts in order to get them to connect to us and then exploit that connection in some way.

We can do authentication cracking using evil twins or any number of other mechanisms. I've got a connection with an evil twin, I can directly attack that client through a a number of different, tools available. And then there's a whole host of devices that are I call them hacker devices ostensibly they're marketed as pen testing tools, and I'm sure they're used for that legitimate purpose, but as you might know, I can use something for pen testing, I can use it for bad bad purposes as well.

And and those tools range from a wifi USB rubber ducky, which you see depicted just to the right text. There's a d oth watch that's kinda cool. WiFi coconut for multi channel WiFi listening and or attack. Wi Fi pineapple, which is a cool little device that you can use to instantiate an evil twin attack pretty pretty easily.

O m g cable is another one These kinds of tools are out in the wild and they get used by bad actors. There was an example from few years back from from some Russian operatives in the from the GRU. That were apprehended in Western Europe with a whole trunk load of equipment including wifi surveillance and attack tools and they were using that to surveil and attack WiFi networks.

They had a political reason for doing so, but anyway, they they were apprehended and that picture in the middle of the slide indicates know, that story of those agents. More recently, just last year, I believe there was, some drones that were outfitted with some equipment, including a WiFi pineapple, among other things.

And, they executed an attack on a financial firm's WiFi net work, they were able to crack the credentials, tunnel into the network and started playing around with some of the internal resources. They were eventually caught, but that initial access was was by WiFi, and that was a really interesting delivery mechanism.

And I think we're probably gonna continue to see creative things like that where people are trying to access something that they shouldn't be allowed to access.