SlideShare ist ein Scribd-Unternehmen logo

Wireless Hotspot Security

Jim Geovedi
Jim Geovedi

1. The document discusses security issues with public Wi-Fi hotspots and provides tips on how to hack hotspot networks. It outlines various methods for gaining unauthorized access such as social engineering, prepaid cards, or directly hacking the network configuration or authentication methods. 2. The document analyzes vulnerabilities in several popular hotspot gateway products, noting issues like bypassing login, lack of network segregation, and SQL injection vulnerabilities. 3. Defense strategies proposed include local AP awareness, one-time authentication, customer education, and regular security assessments to help secure hotspot networks.

Technologie
1 von 22
Wi-Fi Hotspot Security Jim Geovedi <jim@geovedi.com>
Information • The printable version of this presentation is less cooler than the original version and also it’s already modified.
How To Use Hotspot • Getting access • Visit hotspot with wireless device • Associate and get network configuration • Open web browser and get redirected to login page • Authenticate • ... welcome to the Internet!
Getting Access • Buy prepaid card • Registration with Credit card • Use now pay later (e.g. charge in your hotel room at INCREDIBLE price) • Send text message (SMS) and get login information • Social engineering • Hacking (sniffing, bruteforcing, etc.)
Hacking The Hotspot
Motivations • If you are bored • If you want to do something bad (e.g. spamming, hacking, etc.) • If you don’t have money or lazy to pay but need Internet connection will hack for bandwidth
Critical Points • Network configuration • Authentication methods • 3rd party interfaces • Misunderstanding the trust
Network Configuration • IP address • Transparent SMTP • Network segregation
Authentication Methods • Web Hacking Kungfu • SQL injection • Cross site scripting • Piggyjacking
3rd Party Interfaces • Integrated with other system: • Payment Management System • ISP’s billing system
Misunderstanding Trust • Unfiltered protocol or port tunneling • DNS (e.g. nstx, ozyman-dns, tunnelx) • UDP • ICMP • Demo account (e.g. free access for 30min] • Rogue 802.11 APs
Rogue 802.11 APs Real AP Rogue AP User
Once you’re in the middle... • Capture (sniff) and manipulate the traffic • Hack the client • Automated attack tools • FISHNet — where we can control client in a fishbowl environment
FISHNet • Taking advantage of suspected client behavior • zero configuration • automatic update system • network services • Fake services traps, exploiting clients, and create backdoor
Analysis On Some Hotspot Gateway Products
Product N • Widely deployed at big hotels • Vulnerabilities: • Can bill the Internet access to someone’s room • Disclose the list of hotel guests to the Internet • Heavily depend on MAC address for identification. Easy to do piggyjacking
Product I • Vulnerabilities: • Easy to bypass login by changing billing_method_id equal to 1 (one) — used by PMS • Only filter port 80... you can SSH to outside host and setup tunnel • Administration page is vulnerable to SQL Injection attacks
Product A • Vulnerabilities: • You can do SQL injection in login page • You can manipulate the cookies • No network segregation
Defense Strategies • Local AP awareness • Customer education • One-time authentication mechanism • Do regular security assessment • Write better code • Don’t charge for hotspot access!

Empfohlen

Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Psdot 19 four factor password authentication
Psdot 19 four factor password authenticationPsdot 19 four factor password authentication
Psdot 19 four factor password authenticationZTech Proje
 
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.Biting into the forbidden fruit. Lessons from trusting Javascript crypto.
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.Krzysztof Kotowicz
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobetJim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony SecurityJim Geovedi
 

Empfohlen

Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Psdot 19 four factor password authentication
Psdot 19 four factor password authenticationPsdot 19 four factor password authentication
Psdot 19 four factor password authenticationZTech Proje
 
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.Biting into the forbidden fruit. Lessons from trusting Javascript crypto.
Biting into the forbidden fruit. Lessons from trusting Javascript crypto.Krzysztof Kotowicz
 
AI & NLP pada @begobet
AI & NLP pada @begobetAI & NLP pada @begobet
AI & NLP pada @begobetJim Geovedi
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008Jim Geovedi
 
Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Adam Laurie - $atellite Hacking for Fun & Pr0fit!
Adam Laurie - $atellite Hacking for Fun & Pr0fit!Jim Geovedi
 
Satellite Telephony Security
Satellite Telephony SecuritySatellite Telephony Security
Satellite Telephony SecurityJim Geovedi
 
Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log ManagementJim Geovedi
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Jim Geovedi
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional HackersJim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank JobJim Geovedi
 
Hacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionHacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionJim Geovedi
 
Hacking Trust
Hacking TrustHacking Trust
Hacking TrustJim Geovedi
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
 
Internet Worms
Internet WormsInternet Worms
Internet WormsJim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksJim Geovedi
 
Cybercrime
CybercrimeCybercrime
Cybercrimedeepika28g
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2Sam Bowne
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Sam Bowne
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay aliveqqlan
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveDefconRussia
 

Weitere ähnliche Inhalte

Andere mochten auch

Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingJim Geovedi
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log ManagementJim Geovedi
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverJim Geovedi
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Jim Geovedi
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipJim Geovedi
 
Professional Hackers
Professional HackersProfessional Hackers
Professional HackersJim Geovedi
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank JobJim Geovedi
 
Hacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionHacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionJim Geovedi
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsJim Geovedi
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour ruleJim Geovedi
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksJim Geovedi
 

Andere mochten auch (16)

Warezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite HackingWarezzman - DVB-Satellite Hacking
Warezzman - DVB-Satellite Hacking
 
IDS & Log Management
IDS & Log ManagementIDS & Log Management
IDS & Log Management
 
Hacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to DiscoverHacking Satellite: A New Universe to Discover
Hacking Satellite: A New Universe to Discover
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
 
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust RelationshipHacking a Bird in the Sky: Exploiting Satellite Trust Relationship
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
 
Professional Hackers
Professional HackersProfessional Hackers
Professional Hackers
 
Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)Satellite Hacking — Intro by Indianz (2012)
Satellite Hacking — Intro by Indianz (2012)
 
The 21st Century Bank Job
The 21st Century Bank JobThe 21st Century Bank Job
The 21st Century Bank Job
 
Hacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT ConnectionHacking a Bird in the Sky: Hijacking VSAT Connection
Hacking a Bird in the Sky: Hijacking VSAT Connection
 
Hacking Trust
Hacking TrustHacking Trust
Hacking Trust
 
Waluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social MediaWaluku: Answering Astronomy Questions through Social Media
Waluku: Answering Astronomy Questions through Social Media
 
Internet Worms
Internet WormsInternet Worms
Internet Worms
 
Hacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry BirdsHacking a Bird in the Sky: The Revenge of Angry Birds
Hacking a Bird in the Sky: The Revenge of Angry Birds
 
Cheating the 10,000 hour rule
Cheating the 10,000 hour ruleCheating the 10,000 hour rule
Cheating the 10,000 hour rule
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksHITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
HITB Labs: Practical Attacks Against 3G/4G Telecommunication Networks
 

Ähnlich wie Wireless Hotspot Security

Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2Sam Bowne
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Sam Bowne
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay aliveqqlan
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveDefconRussia
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 networkidsecconf
 
idsecconf2010-hacking priv8 network
idsecconf2010-hacking priv8 networkidsecconf2010-hacking priv8 network
idsecconf2010-hacking priv8 networkAmmar WK
 
Web authentication
Web authenticationWeb authentication
Web authenticationPradeep J V
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
 
Redesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern WebRedesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern WebCliff Smith
 
Digital skimming root_conf_ppt
Digital skimming root_conf_pptDigital skimming root_conf_ppt
Digital skimming root_conf_pptArjun BM
 
Ch 7: Attacking Session Management
Ch 7: Attacking Session ManagementCh 7: Attacking Session Management
Ch 7: Attacking Session ManagementSam Bowne
 
CNIT 129S Ch 7: Attacking Session Management
CNIT 129S Ch 7: Attacking Session ManagementCNIT 129S Ch 7: Attacking Session Management
CNIT 129S Ch 7: Attacking Session ManagementSam Bowne
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network SecurityUC San Diego
 

Ähnlich wie Wireless Hotspot Security (20)

Cybercrime
CybercrimeCybercrime
Cybercrime
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay alive
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay alive
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
Online bankingsecurity
Online bankingsecurityOnline bankingsecurity
Online bankingsecurity
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 network
 
idsecconf2010-hacking priv8 network
idsecconf2010-hacking priv8 networkidsecconf2010-hacking priv8 network
idsecconf2010-hacking priv8 network
 
Web authentication
Web authenticationWeb authentication
Web authentication
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
Redesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern WebRedesigning Password Authentication for the Modern Web
Redesigning Password Authentication for the Modern Web
 
Internet Security
Internet SecurityInternet Security
Internet Security
 
Digital skimming root_conf_ppt
Digital skimming root_conf_pptDigital skimming root_conf_ppt
Digital skimming root_conf_ppt
 
Ch 7: Attacking Session Management
Ch 7: Attacking Session ManagementCh 7: Attacking Session Management
Ch 7: Attacking Session Management
 
Isys20261 lecture 09
Isys20261 lecture 09Isys20261 lecture 09
Isys20261 lecture 09
 
CNIT 129S Ch 7: Attacking Session Management
CNIT 129S Ch 7: Attacking Session ManagementCNIT 129S Ch 7: Attacking Session Management
CNIT 129S Ch 7: Attacking Session Management
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
 

Kürzlich hochgeladen

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 

Kürzlich hochgeladen (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

Wireless Hotspot Security

  • 1. Wi-Fi Hotspot Security Jim Geovedi <jim@geovedi.com>
  • 2. Information • The printable version of this presentation is less cooler than the original version and also it’s already modified.
  • 3.
  • 4.
  • 5.
  • 6. How To Use Hotspot • Getting access • Visit hotspot with wireless device • Associate and get network configuration • Open web browser and get redirected to login page • Authenticate • ... welcome to the Internet!
  • 7. Getting Access • Buy prepaid card • Registration with Credit card • Use now pay later (e.g. charge in your hotel room at INCREDIBLE price) • Send text message (SMS) and get login information • Social engineering • Hacking (sniffing, bruteforcing, etc.)
  • 9. Motivations • If you are bored • If you want to do something bad (e.g. spamming, hacking, etc.) • If you don’t have money or lazy to pay but need Internet connection will hack for bandwidth
  • 10. Critical Points • Network configuration • Authentication methods • 3rd party interfaces • Misunderstanding the trust
  • 11. Network Configuration • IP address • Transparent SMTP • Network segregation
  • 12. Authentication Methods • Web Hacking Kungfu • SQL injection • Cross site scripting • Piggyjacking
  • 13. 3rd Party Interfaces • Integrated with other system: • Payment Management System • ISP’s billing system
  • 14. Misunderstanding Trust • Unfiltered protocol or port tunneling • DNS (e.g. nstx, ozyman-dns, tunnelx) • UDP • ICMP • Demo account (e.g. free access for 30min] • Rogue 802.11 APs
  • 15. Rogue 802.11 APs Real AP Rogue AP User
  • 16. Once you’re in the middle... • Capture (sniff) and manipulate the traffic • Hack the client • Automated attack tools • FISHNet — where we can control client in a fishbowl environment
  • 17. FISHNet • Taking advantage of suspected client behavior • zero configuration • automatic update system • network services • Fake services traps, exploiting clients, and create backdoor
  • 18. Analysis On Some Hotspot Gateway Products
  • 19. Product N • Widely deployed at big hotels • Vulnerabilities: • Can bill the Internet access to someone’s room • Disclose the list of hotel guests to the Internet • Heavily depend on MAC address for identification. Easy to do piggyjacking
  • 20. Product I • Vulnerabilities: • Easy to bypass login by changing billing_method_id equal to 1 (one) — used by PMS • Only filter port 80... you can SSH to outside host and setup tunnel • Administration page is vulnerable to SQL Injection attacks
  • 21. Product A • Vulnerabilities: • You can do SQL injection in login page • You can manipulate the cookies • No network segregation
  • 22. Defense Strategies • Local AP awareness • Customer education • One-time authentication mechanism • Do regular security assessment • Write better code • Don’t charge for hotspot access!