Uploaded on

null Mumbai Chapter - May 2013 Meet

null Mumbai Chapter - May 2013 Meet

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. EvilTwin Sanoop Thomas@s4n7h0Null Mumbai Chapter
  • 2. Agenda• WiFi Security Evolution• How system talks in WiFi• Threats in Hotspot• EvilTwin Attacks• Countermeasures
  • 3. WiFi Security – A Century BackSource : theatlantic.com/tech.......“There was a young fellow of Italy, who diddledthe public quite prettily…”
  • 4. WiFi Security – A Century AfterA heart defibrillator remotely controlled by avillainous hacker to trigger a fatal heart attackSource : gao.gov/prod...
  • 5. Technical Aspects• To see the invisible..– Packet sniffer– Packet injector• “Weapon”ising– Aircrack-ng Suite• Developed by Thomas dOtreppe– ALFA AWSUS036H• Provides 1 wattage• Can be extended
  • 6. Life Connected with WiFi• Hotspots– Open Authentication– Central login portal– Authentication by SMS token– May have MAC filtering
  • 7. WiFi HandshakeESSID : MyWiFiBSSID : AA:AA:AA:AA:AA:AAESSID : MyWiFiBSSID : BB:BB:BB:BB:BB:BBProbe RequestBeacon/Probe ResponseESSID: MyWiFi BSSID: AA:AA:AA:AA:AA:AAESSID: MyWiFi BSSID: BB:BB:BB:BB:BB:BBAuthentication RequestBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status CodeAuthentication ResponseBSSID: AA:AA:AA:AA:AA:AA, Auth Algo, SEQ, Status CodeAssociation RequestBSSID: AA:AA:AA:AA:AA:AA, Privacy infoAssociation ResponseBSSID: AA:AA:AA:AA:AA:AA, Status CodeWho is over there ?I’m hereHiHelloCan we talk ?Yeah, surely
  • 8. WiFi Handshake – Packet View
  • 9. EvilTwin• Replica with radically inverted moralities• Can be physical or logical
  • 10. Making EvilTwin with “MyWiFi”
  • 11. Take a close look at real APmon0at0
  • 12. Concept of Bridge• All mobile devices will be connected to mon0• mon0 will be connected to at0• at0 should be bridged with eth0• eth0 can connect to the internet
  • 13. Bridging the Interfaces
  • 14. Eavesdropping
  • 15. Network Redirection• All mobile’s internet access can be redirectedto the attackers’ machine
  • 16. Challenges• The attackers’ machine is not running abc.com• Concept of proxy
  • 17. Proxy interception
  • 18. Information Stealing
  • 19. Further Attacks on Mobile Devices
  • 20. Countermeasures• We are talking about Client Side protection• Keep a constant check on the saved WiFiprofiles• Verify WiFi Profiles with “autoconnect” enable• Make sure the mobile devices are updatedwith security patches
  • 21. Thanks