WiFuzz - Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the detection and exploitation of logical flaws in Wi-Fi cryptographic handshake implementations in this 44-minute Black Hat conference talk by Mathy Vanhoef. Delve into the security aspects of the Wi-Fi handshake, learn about model-based testing approaches, and examine specific vulnerabilities such as missing downgrade checks and targeted denial-of-service attacks. Gain insights into frame layouts, test generation rules, and real-world examples involving Windows 7, Broadcom, and OpenBSD. Understand the importance of identifying logical vulnerabilities beyond common programming errors in Wi-Fi security.
Syllabus
Intro
How secure is the Wi-Fi handshake?
Background: the Wi-Fi handshake
Wi-Fi handshake simplified
Frame Layouts
How to test implementations?
Modelbased testing our approach
Test generation rules
Missing downgrade checks
Windows 7 targeted Dos
Broadcom downgrade
OpenBSD: client man-in-the-middle
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube