802.11 Wireless Attacks  Home ToC Prev Up Next 
802.11
Attacks
+O/S/M Vulnerabilities
WEP Encryption
Passive Attacks
Active Attacks
IV Reply Attack
Bit-flipping Attack
ManInTheMiddle
MITM Attack
Cisco LEAP
LEAP weaknesses
LEAP attack
ICV issue
Passive WPA PSK
WPA PSK attacks
PSK attack tools
Conclusion
  

O/S/M Vulnerabilities

  • Open authentication vulnerabilities - no way for the the AP to determine whether a client is valid or not (WEP encryption should be always implemented)

  • Shared key authentication vulnerabilities - requires the client use a preshared WEP key. An attacker can capture both the plain-text challenge text and the cipher-text response and performs an exclusive (XOR) function on the plain-text with the cipher-text to produce the key stream

  • MAC address authentication vulnerabilities - an attacker can subvert the MAC authentication process by "spoofing" valid MAC address
Copyright © 2005 Pavol Lupták, OpenWeekend 2005  Prev Next