Wi-Fish Finder: Who Will Bite the Bait

By Md Sohail Ahmad, Prabhash Dhyani on 02 Aug 2009 @ Defcon
#wifi #honeypot #phishing #red-teaming
Focus Areas: 🛡️ Security Operations & Defense, 🌐 Network Security, 🎯 Penetration Testing, 📚 Security Awareness

Presentation Material

Abstract

The threat of Evil Twins and honeypots lurking in office parking lots and public hotspots is well known, yet awareness among WiFi users of their exposure to such threats remains quite low. Security-conscious WiFi users and IT administrators also lack simple tools to assess the security posture of WiFi clients active in their airspace.

Wi-Fish Finder is a tool for assessing whether WiFi devices active in the air are vulnerable to "phishing" attacks. Assessment is performed through a combination of passive traffic sniffing and active probing techniques. Most WiFi clients keep a memory of networks (SSIDs) they have connected to in the past. Wi-Fish Finder first builds a list of probed networks and then, using a set of clever techniques, also determines the security setting of each probed network. A client is a fishing target if it is actively seeking to connect to an OPEN or a WEP network. Clients only willing to connect to WPA or WPA2 networks are not completely safe either! To find out why, come and attend this talk and witness some live action. There is a >50% chance that your laptop will bite the bait!

AI Generated Summary

This presentation discusses a security research tool designed to discover and assess the security posture of WiFi-enabled client devices, such as laptops and smartphones, within a given environment. The tool's primary function is to identify vulnerable clients connected to a network, shifting focus from traditional infrastructure testing to the client attack surface.

The tool operates by deploying phishing access points that mimic legitimate networks, such as those found in airports or hotels. When a client device connects to this rogue access point, the tool can perform various attacks to evaluate its security. Key techniques include launching dictionary-based attacks against WPA2-PSK configurations and exploiting client-side vulnerabilities. The research highlights that a significant percentage of client devices in public spaces can be profiled and potentially compromised through such methods.

Practical implications include the need for security assessments to explicitly include client device testing, not just network infrastructure. The tool demonstrates that users connecting to open or public WiFi networks are at risk of having their device security posture evaluated and potentially exploited. The findings underscore the importance of client-side hardening, secure WiFi configuration practices, and user awareness regarding automatic connection to unfamiliar networks. The tool serves as a proof-of-concept for identifying weaknesses in the "last hop" of the wireless connection.

Disclaimer: This summary was auto-generated from the video transcript using AI and may contain inaccuracies. It is intended as a quick overview; always refer to the original talk for authoritative content.