Efficient Wi-Fi Phishing Attacks: Would You Fall for That? (tripwire.com)
23 points by sophron 1 hour ago | 4 comments





Bad title, but it makes an interesting point. I knew I could just make a WiFi network with the same settings as the original and have phones automatically connect to it (I use this as a pre-doorbell warning sometimes, waiting for my parents or girlfriend to connect when nearby), and I also know that I can read and modify their traffic at that point.

What I somehow forgot to consider is that when my phone autoconnects to a network (or attempts to), the AP owner or anyone nearby might also be able to crack the WPA2 password. Good thing it uses PBKDF2 because I know some terrible ones.

I don't have time to read the full spec now unfortunately (I might later). Does anyone know what parameters are used for PBKDF2, specifically the number of iterations?

It's PBKDF2 with SHA1, 4096 iterations and 32 bytes of output. That's relatively weak, and thanks to the defective structure of PBKDF2, an attacker will parallelise each output block.
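Added example, not part of the comment above or of the linked article: the WPA2-PSK key derivation with the parameters just quoted, written block by block so that the independence of the two SHA-1-sized output blocks is visible. The passphrase and SSID are constructed sample values, the function names are hypothetical, and the use of the SSID as the PBKDF2 salt is how WPA2-PSK works rather than something stated in the thread.

```python
import hashlib
import hmac
import struct

ITERATIONS = 4096  # iteration count quoted in the comment above
PMK_LEN = 32       # bytes of output quoted in the comment above
SHA1_LEN = 20      # one PBKDF2 output block when the PRF is HMAC-SHA1


def pbkdf2_block(passphrase: bytes, salt: bytes, index: int,
                 iterations: int = ITERATIONS) -> bytes:
    """Compute PBKDF2 output block T_index (1-based) on its own.

    Nothing here depends on any other block, so the blocks of a longer
    output can be computed independently of each other.
    """
    u = hmac.new(passphrase, salt + struct.pack(">I", index), hashlib.sha1).digest()
    t = int.from_bytes(u, "big")
    for _ in range(iterations - 1):
        u = hmac.new(passphrase, u, hashlib.sha1).digest()
        t ^= int.from_bytes(u, "big")  # T = U_1 xor U_2 xor ... xor U_c
    return t.to_bytes(SHA1_LEN, "big")


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 32-byte key; the SSID is the salt (assumption noted above)."""
    p, s = passphrase.encode(), ssid.encode()
    blocks = -(-PMK_LEN // SHA1_LEN)  # ceil(32 / 20) = 2 blocks
    out = b"".join(pbkdf2_block(p, s, i) for i in range(1, blocks + 1))
    return out[:PMK_LEN]  # the last 8 bytes of block 2 are discarded


def matches_library(passphrase: str, ssid: str) -> bool:
    """Cross-check the block-wise version against hashlib's PBKDF2."""
    ref = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                              ITERATIONS, PMK_LEN)
    return hmac.compare_digest(ref, wpa2_pmk(passphrase, ssid))


if __name__ == "__main__":
    # Constructed sample input, not taken from the thread.
    pmk = wpa2_pmk("password", "IEEE")
    print(pmk.hex(), matches_library("password", "IEEE"))
```

Because the salt is only the network name and the iteration count is fixed, the length and randomness of the passphrase is the one parameter a network owner controls.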

How do you redirect to the phishing site, if you are currently browsing an SSL-encrypted website without making it too obvious? Since you get an error message in the browser...

Yea, it's very possible I'd fall for that.

