Black Hat EU 2013 - Practical Exploitation Using A Malicious Service Set Identifier (SSID)

By: Deral Heiland

How easily we overlook a simple wireless SSID, and think nothing of it or its potential risk to us. In this presentation I will be discussing the leveraging of SSIDs to inject various attacks into Wireless devices, and management consoles. The type of injection attacks discussed will include XSS, CSRF, command injection and format strings attacks. I will be discussing various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations I will show how each of these attack methods are carried out. In conclusion I will be discussing how common this attack vector potentially is, and its overall risk factors.





Video at DerbyCon 2013 




Download slide tại đây, hoặc tại đây

Comments

Popular posts from this blog

Thiết lập card không dây trên Kali Linux

Monitor mode

Giới thiệu - Scapy