Exploiting Windows Automatic Wireless Association
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore a new technique called "Lure10" for exploiting Windows automatic wireless association in this 32-minute conference talk from HITB2017AMS. Learn how this attack enables attackers to achieve a man-in-the-middle position against Windows devices without user interaction. Discover the limitations of the traditional KARMA attack and how Lure10 overcomes modern network manager countermeasures. Understand the details of the attack, its implementation in the Wifiphisher tool, and compare automatic association behaviors across operating systems. Gain insights into man-in-the-middle case studies and countermeasures. Examine topics such as WiFi Sense, network data collection, frame sending, denial of service attacks, location service spoofing, and Microsoft's response to this vulnerability. Find out if you're affected and how to protect yourself against this exploit.
Syllabus
Introduction
What is this attack
The Karma attack
Countermeasures
WiFi Sense
Finding the right networks
Collecting the right data
Sending the frames
Automatic Wireless Association Algorithm
Denial of Service Attack
Location Service Spoof
Fake Networks
Location Service
Microsoft Response
Am I affected
How to protect yourself
WiFi Visser
Conclusion
Taught by
Hack In The Box Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network