.

Wireless Assessments

<<

cb122

Newbie
Newbie

Posts: 20

Joined: Tue Jan 15, 2013 8:54 am

Post Fri Mar 22, 2013 5:13 am

Wireless Assessments

When you do your pen tests/vulnerability assessments of Wireless Network infrastructure/equiptment, do you still come across any common vulnerabilities in this area? Could you share any common vulns you find in wireless systems?

Thanks
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Fri Mar 22, 2013 11:33 am

Re: Wireless Assessments

We have occasional success with this: http://blog.depthsecurity.com/2010/11/w ... an-no.html
The day you stop learning is the day you start becoming obsolete.
<<

UKSecurityGuy

User avatar

Jr. Member
Jr. Member

Posts: 88

Joined: Wed Mar 27, 2013 10:51 am

Post Fri Apr 19, 2013 6:33 am

Re: Wireless Assessments

It's rarely in scope - but if I do wireless assessments when any mobiles are fair game, I always gain credentials through an Evil Access Point.

1. Setup Evil AP in center of client's establishment
2. Client's mobile phones connect to Evil AP (because there is always a handful of people that use their WIFI in McDonalds)
3. Capture credentials

The vulnerbility in this case is the mobile devices trusting random wireless access points. The client is informed that policy should be implemented so that users of company equipment are not allowed to connect to non-approved wireless hot spots.

Return to Wireless

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software