Saturday, 22 March 2014

Wifi hotpot spoofing attack

I was thinking today about a possible attack method spoofing wifi hotspots. I'm sure this probably already exists, but I'll write about what I was thinking nonetheless.

I'm pretty sure it would be possible to make a computer with a wifi card appear to be a wifi router. i.e. the computer advertises a wifi network that other computers can join. This could be either a secure or insecure network. For example, if running the spoofing computer in Starbucks, the cracker might use a similar SSID to the Starbucks own SSID, and use the same password.

By spoofing the DNS services once target computers are connected to the spoofing computer, it should be possible to make it appear to users that they are accessing the domain of a particular website, and hence would enter password details. The only defence in this circumstance would be the certificate of the website.

No comments: