Archive

Posts Tagged ‘MIM’

The New Attack on WPA/TKIP: Much Ado About Nothing?

September 8th, 2009

The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again.  In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms.

The proposed attack assumes (somewhat unrealistically) that the AP and client cannot hear each other but the attacker can hear both (and can thus act as a man-in-the-middle).  In terms of attack speed as well, it is actually slower than the original attack under its stated assumptions.

Read more…

Wireless security , , ,

Karmetasploit: Integrated Tools Lower Bar On Hacking Wireless Clients

May 25th, 2009

Metasploit Framework integrated with KARMA! Metasploit is most potent security penetration and exploit development platform, while KARMA is a potent Evil Twin (Honeypot) tool with attracts unassuming wireless clients. With this integrated tool, it is all the more easier to establish wireless connectivity with probing wireless clients and “Metasploit” them.
http://trac.metasploit.com/wiki/Karmetasploit
http://blog.trailofbits.com/karma/ Read more…

Best practices, Wireless security , , , , , ,