Evil twin

21
EvilTwin Sanoop Thomas @s4n7h0 Null Mumbai Chapter

TAGS:

Transcript of Evil twin

Page 1: Evil twin

EvilTwinSanoop Thomas

@s4n7h0

Null Mumbai Chapter

Page 2: Evil twin

Agenda

• WiFi Security Evolution• How system talks in WiFi• Threats in Hotspot • EvilTwin Attacks • Countermeasures

Page 3: Evil twin

WiFi Security – A Century Back

Source : theatlantic.com/tech.......

“There was a young fellow of Italy, who diddled the public quite prettily…”

http://www.theatlantic.com/technology/archive/2011/12/the-great-wireless-hack-of-1903/250665/
Page 4: Evil twin

WiFi Security – A Century After

A heart defibrillator remotely controlled by a villainous hacker to trigger a fatal heart attack

Source : gao.gov/prod...

http://www.gao.gov/products/GAO-12-816
Page 5: Evil twin

Technical Aspects

• To see the invisible..– Packet sniffer– Packet injector

• “Weapon”ising– Aircrack-ng Suite• Developed by Thomas d'Otreppe

– ALFA AWSUS036H• Provides 1 wattage • Can be extended

Page 6: Evil twin

Life Connected with WiFi

• Hotspots– Open Authentication– Central login portal– Authentication by SMS token– May have MAC filtering

Page 7: Evil twin

WiFi Handshake

ESSID : MyWiFiBSSID : AA:AA:AA:AA:AA:AA

ESSID : MyWiFiBSSID : BB:BB:BB:BB:BB:BB

Probe Request

Beacon/Probe ResponseESSID: MyWiFi BSSID: AA:AA:AA:AA:AA:AAESSID: MyWiFi BSSID: BB:BB:BB:BB:BB:BB

Authentication RequestBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status Code

Authentication ResponseBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status Code

Association RequestBSSID: AA:AA:AA:AA:AA:AA, Privacy info

Association ResponseBSSID: AA:AA:AA:AA:AA:AA, Status Code

Who is over there ? I’m here

Hi

Hello

Can we talk ?

Yeah, surely

Page 8: Evil twin

WiFi Handshake – Packet View

Page 9: Evil twin

EvilTwin

• Replica with radically inverted moralities• Can be physical or logical

Page 10: Evil twin

Making EvilTwin with “MyWiFi”

Page 11: Evil twin

Take a close look at real APmon0

at0

Page 12: Evil twin

Concept of Bridge

• All mobile devices will be connected to mon0• mon0 will be connected to at0• at0 should be bridged with eth0• eth0 can connect to the internet

Page 13: Evil twin

Bridging the Interfaces

Page 14: Evil twin

Eavesdropping

Page 15: Evil twin

Network Redirection

• All mobile’s internet access can be redirected to the attackers’ machine

Page 16: Evil twin

Challenges

• The attackers’ machine is not running abc.com• Concept of proxy

Page 17: Evil twin

Proxy interception

Page 18: Evil twin

Information Stealing

Page 19: Evil twin

Further Attacks on Mobile Devices

Page 20: Evil twin

Countermeasures

• We are talking about Client Side protection • Keep a constant check on the saved WiFi

profiles• Verify WiFi Profiles with “autoconnect” enable• Make sure the mobile devices are updated

with security patches

Page 21: Evil twin

Thanks


Cooperation in Evil Embryo Adoption?. Cooperation in Evil.

Cooperation in Evil Embryo Adoption?. Cooperation in Evil.

Survey Methodology – Part I Why, What, How…And The Evil Twin Nethra Sambamoorthi, PhD Winter 2014 References for images and concepts are provided.

Survey Methodology – Part I Why, What, How…And The Evil Twin Nethra Sambamoorthi, PhD Winter 2014 References for images and concepts are provided.

Hear no evil, see no evil, patch no evil: Or, how to monkey-patch safely.

Hear no evil, see no evil, patch no evil: Or, how to monkey-patch safely.

Ubiquitous Solr - A Database's not-so-evil Twin

Ubiquitous Solr - A Database's not-so-evil Twin

BEER & CIDERBEER & CIDER DRAFT - 7 Pilsner | Bitburger IPA | Evil Twin | Falco BOTTLE OR CAN - 8 Lager | La Cervecería de San Luis | Monopolio Saison | Stillwater Artisanal | Extra

BEER & CIDERBEER & CIDER DRAFT - 7 Pilsner | Bitburger IPA | Evil Twin | Falco BOTTLE OR CAN - 8 Lager | La Cervecería de San Luis | Monopolio Saison | Stillwater Artisanal | Extra

How to tackle the evil twin hotspot threats in public Wi-Fi

How to tackle the evil twin hotspot threats in public Wi-Fi

Hear No Evil, See No Evil, Speak No Evil

Hear No Evil, See No Evil, Speak No Evil

Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil.

Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil.

Research Article Exploiting Wireless Received …Research Article Exploiting Wireless Received Signal Strength Indicators to Detect Evil-Twin Attacks in Smart Homes ZhanyongTang, 1

Research Article Exploiting Wireless Received …Research Article Exploiting Wireless Received Signal Strength Indicators to Detect Evil-Twin Attacks in Smart Homes ZhanyongTang, 1

Hear No Evil, Speak No Evil, Slurp No Evil: How the Recent ...

Hear No Evil, Speak No Evil, Slurp No Evil: How the Recent ...

Deliver us from Evil - Anthropology of evil

Deliver us from Evil - Anthropology of evil

The Twin–Twin

The Twin–Twin

Evil Genius 1 Running Head: EVIL GENIUS - PScience · Evil Genius 1 Running Head: EVIL GENIUS . Evil Genius? How Dishonesty Can Lead to Greater Creativity . Francesca Gino . Harvard

Evil Genius 1 Running Head: EVIL GENIUS - PScience · Evil Genius 1 Running Head: EVIL GENIUS . Evil Genius? How Dishonesty Can Lead to Greater Creativity . Francesca Gino . Harvard

PSP: Parkinson’s Evil Twin - MITweb.mit.edu/castanom/Public/Parkinson_Evil_Twin.pdf · In this case, the “dead” hard drive only cost you some hard-earned money and stress. However,

PSP: Parkinson’s Evil Twin - MITweb.mit.edu/castanom/Public/Parkinson_Evil_Twin.pdf · In this case, the “dead” hard drive only cost you some hard-earned money and stress. However,

He who has done evil, expects evil.

He who has done evil, expects evil.

See no evil, hear no evil - BruCON 2017files.brucon.org/2017/008_Matt_Wixey_See_No_Evil.pdf · See no evil, hear no evil ... Read up on relevant laws, ... • “A closer look at

See no evil, hear no evil - BruCON 2017files.brucon.org/2017/008_Matt_Wixey_See_No_Evil.pdf · See no evil, hear no evil ... Read up on relevant laws, ... • “A closer look at

‘Evil Twin’ Wireless Access Point Attack · 2015-05-11 · ‘Evil Twin’ Wireless Access Point Attack 11 Configuring SSLStrip, enable the replacement favicon with a lock picture

‘Evil Twin’ Wireless Access Point Attack · 2015-05-11 · ‘Evil Twin’ Wireless Access Point Attack 11 Configuring SSLStrip, enable the replacement favicon with a lock picture

Hacking Wpa 2 Evil Twin Method

Hacking Wpa 2 Evil Twin Method

FORWARD MOTION The ABC’s of TODplannersweb.com/wp-content/uploads/2012/07/278.pdf · TOD’s evil twin brother, TAD: Transit Adjacent Development. TAD features buildings near transit

FORWARD MOTION The ABC’s of TODplannersweb.com/wp-content/uploads/2012/07/278.pdf · TOD’s evil twin brother, TAD: Transit Adjacent Development. TAD features buildings near transit

HEAR NO EVIL, SEE NO EVIL, AND SPEAK NO EVIL: A CRITIQUE ...archive.kubatana.net/docs/elec/rau_critique_zec... · HEAR NO EVIL, SEE NO EVIL, AND SPEAK NO EVIL: A CRITIQUE OF THE ZIMBABWE

HEAR NO EVIL, SEE NO EVIL, AND SPEAK NO EVIL: A CRITIQUE ...archive.kubatana.net/docs/elec/rau_critique_zec... · HEAR NO EVIL, SEE NO EVIL, AND SPEAK NO EVIL: A CRITIQUE OF THE ZIMBABWE