WVE ID: WVE-2005-0018
Type: Exploit
Status: Candidate
Classification:
Authentication Management
Denial of Service
Design Flaw
Description:
AirJack is a suite of tools and a special driver for exploiting inherent vulnerabilities in 802.11 networks.
Discussion:
The AirJack package consists of a special Linux device driver that allows the simultaneous reception and injection of raw 802.11 frames. The driver works with PRISM2- and Hermes-based cards.
The tools provided with the driver illustrate the inherent problems in 802.11 that stem from the lack of management frame authentication.
These tools include:
* essid_jack: Actively reveals the SSID of networks with SSID turned off in beacons by deauthenticating clients and observing their probe requests during reconnection.
* kracker_jack: Performs MiTM attacks between a wireless station and a WAVEsec VPN server
* monkey_jack: Performs MiTM attacks on wireless stations
* wlan_jack: Performs spoofed Deauthentication frame DoS attacks on whole networks or individual associated stations.
In addition, binaries for setting the wireless interface's channel and MAC address are also included.
NOTE: Newer releases of AirJack do not include kracker_jack, monkey_jack, or wlan_jack.
Credits
Author: Michael Lynn (abaddon@802.11ninja.net) : None
References
URL: http://sourceforge.net/projects/airjack/
URL: http://www.blackhat.com/presentations/bh-usa-02/baird-lynn/bh-us-02-lynn-802.11attack.ppt
WVE: WVE-2005-0019
WVE: WVE-2005-0045
Released: 2002-08-01
Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry
Submitted: Mon Oct 24 16:35:15 -0700 2005
Candidate Date: Mon Oct 24 16:35:41 -0700 2005

