Wireless access point spoofing

Document Sample
Wireless access point spoofing Powered By Docstoc
					Wireless access point spoofing

   By: Eric Edstrom & Jed Wendell
        How we’re going to bore you
                 (and in what order)

•   Project Description
•   Why we didn’t find this boring
•   Tools: Backtrack and Airsnarf
•   Attack Demonstration Video
•   What we’ve learned from all this
•   Questions
            Project Description
• Goal:
  – Perform an “evil twin” attack by creating a “rogue”
    access point which appears legitimate
• How it’s done:
  – Specialized software and hardware
  – Captured web pages of interest
• Result:
  – Obtain personal information
   Why we didn’t find this boring
• General interest in wireless security
• Interest in expanding the functionality of our
  software base
• Unlike cracking encryption keys or other
  attacks which are illegal, this is not an attack
  on an existing network
• This attack does not require a real network;
  the software creates its own
          Backtrack & Airsnarf
• Backtrack:
  – Linux distribution designed for security
  – Contains over 300 security tools
• Airsnarf:
  – Comes pre-installed in Backtrack (requires
  – Provides the framework for broadcasting a
    “rogue” access point
AirSnarf functionality and modifications
• Written in Perl
• Utilizes Apache HTTP Server
• Originally designed to spoof
  an account-based hotspot,
  i.e. T-Mobile at Starbucks
• We modified its DNS to be
  able to spoof more than
  one site, expanding the
  initial attack capability
Attack Demonstration
          What we’ve learned
• A little more about Linux
• This would have been easier to do 3 years ago
  – Several of the original software and hardware
    components of this are not available anymore
• This attack is possible and unless wireless
  users are using VPN’s or other security
  measures when using unsecured wireless
  networks – they may become victim to this
  type of attack
Futurama Video – Fin

 Thank You!