User Tools

Site Tools


links

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
links [2017/06/15 17:22]
mister_x [Technique Papers] Encrypted WiFi packet injection and circumventing wireless intrusion prevention systems
links [2017/06/24 18:56] (current)
mister_x Moved some papers from one section to another and added a new paper.
Line 38: Line 38:
   * [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=view&​type=publication&​name=WPA_MIGRATION_MODE|WPA Migration mode: WEP is back to haunt you...]] by Leandro Meiners and Diego Sor. Migration mode, from Cisco, allows both WEP and WPA clients on the same AP. Besides the fact that the WEP key can be cracked easily, they also bypass the additional security settings offered by Cisco. Here is the [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=attachment&​type=publication&​page=WPA_MIGRATION_MODE&​file=Meiners%2C_Sor_-_WPA_Migration_Mode_WEP_is_back_to_haunt_you_-_slides.pdf|slides of the presentation]] and the [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=attachment&​type=publication&​page=WPA_MIGRATION_MODE&​file=Meiners%2C_Sor_-_WPA_Migration_Mode_WEP_is_back_to_haunt_you.pdf|paper]].   * [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=view&​type=publication&​name=WPA_MIGRATION_MODE|WPA Migration mode: WEP is back to haunt you...]] by Leandro Meiners and Diego Sor. Migration mode, from Cisco, allows both WEP and WPA clients on the same AP. Besides the fact that the WEP key can be cracked easily, they also bypass the additional security settings offered by Cisco. Here is the [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=attachment&​type=publication&​page=WPA_MIGRATION_MODE&​file=Meiners%2C_Sor_-_WPA_Migration_Mode_WEP_is_back_to_haunt_you_-_slides.pdf|slides of the presentation]] and the [[http://​corelabs.coresecurity.com/​index.php?​module=Wiki&​action=attachment&​type=publication&​page=WPA_MIGRATION_MODE&​file=Meiners%2C_Sor_-_WPA_Migration_Mode_WEP_is_back_to_haunt_you.pdf|paper]].
   * [[http://​infoscience.epfl.ch/​record/​186876|Smashing WEP in A Passive Attack]] by Sepehrdad, Pouyan; Susil, Petr; Vaudenay, Serge; Vuagnoux, Martin   * [[http://​infoscience.epfl.ch/​record/​186876|Smashing WEP in A Passive Attack]] by Sepehrdad, Pouyan; Susil, Petr; Vaudenay, Serge; Vuagnoux, Martin
-  * [[https://​forums.kali.org/​showthread.php?​24286-WPS-Pixie-Dust-Attack-(Offline-WPS-Attack)|Pixie dust attack]] on WPS. Presentation available [[http://​archive.hack.lu/​2014/​Hacklu2014_offline_bruteforce_attack_on_wps.pdf|here]]. And they have a [[http://​www.github.com/​wiire/​pixiewps|GitHub repository]]. 
-  * [[http://​www.slideshare.net/​vanhoefm/​predicting-and-abusing-wpa280211-group-keys|Predicting and Abusing WPA2/802.11 Group Keys]] by Mathy Vanhoef ([[http://​papers.mathyvanhoef.com/​33c3-broadkey-slides.pdf|PDF]]) 
   * [[http://​dl.aircrack-ng.org/​wiki-files/​doc/​Encrypted_WiFi_packet_injection.pdf|Encrypted WiFi packet injection and circumventing wireless intrusion prevention systems]] by Tim de Waal   * [[http://​dl.aircrack-ng.org/​wiki-files/​doc/​Encrypted_WiFi_packet_injection.pdf|Encrypted WiFi packet injection and circumventing wireless intrusion prevention systems]] by Tim de Waal
  
Line 51: Line 49:
   * [[http://​download.aircrack-ng.org/​wiki-files/​doc/​technique_papers/​bittau-wep.pdf|The Final Nail in WEP's Coffin]] by Andrea Bittau, Mark Handley and Josua Lackey, May 21, 2006.  A local copy of the presentation slides is located [[http://​download.aircrack-ng.org/​wiki-files/​doc/​Final-Nail-in-WEPs-Coffin.slides.pdf|here]].   * [[http://​download.aircrack-ng.org/​wiki-files/​doc/​technique_papers/​bittau-wep.pdf|The Final Nail in WEP's Coffin]] by Andrea Bittau, Mark Handley and Josua Lackey, May 21, 2006.  A local copy of the presentation slides is located [[http://​download.aircrack-ng.org/​wiki-files/​doc/​Final-Nail-in-WEPs-Coffin.slides.pdf|here]].
   * [[https://​www.rc4nomore.com/​vanhoef-usenix2015.pdf|All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS]] by Mathy Vanhoef and Frank Piessens, Katholieke Universiteit Leuven. Slides can be found [[https://​www.usenix.org/​sites/​default/​files/​conference/​protected-files/​sec15_slides_vanhoef.pdf|here]] and the video of the presentation [[https://​www.usenix.org/​node/​190889|here]].   * [[https://​www.rc4nomore.com/​vanhoef-usenix2015.pdf|All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS]] by Mathy Vanhoef and Frank Piessens, Katholieke Universiteit Leuven. Slides can be found [[https://​www.usenix.org/​sites/​default/​files/​conference/​protected-files/​sec15_slides_vanhoef.pdf|here]] and the video of the presentation [[https://​www.usenix.org/​node/​190889|here]].
 +  * [[https://​forums.kali.org/​showthread.php?​24286-WPS-Pixie-Dust-Attack-(Offline-WPS-Attack)|Pixie dust attack]] on WPS. Presentation available [[http://​archive.hack.lu/​2014/​Hacklu2014_offline_bruteforce_attack_on_wps.pdf|here]]. And they have a [[http://​www.github.com/​wiire/​pixiewps|GitHub repository]].
 +  * [[http://​www.slideshare.net/​vanhoefm/​predicting-and-abusing-wpa280211-group-keys|Predicting and Abusing WPA2/802.11 Group Keys]] by Mathy Vanhoef ([[http://​papers.mathyvanhoef.com/​33c3-broadkey-slides.pdf|PDF]])
 +  * [[https://​www.petsymposium.org/​2017/​papers/​issue4/​paper82-2017-4-source.pdf|A Study of MAC Address Randomization in Mobile Devices and When it Fails]] by Jeremy Martin, Travis Mayberry, Collin Donahue, Lucas Foppe, Lamont Brown, Chadwick Riggins, Erik C. Rye, and Dane Brown
  
 ===== 802.11 Specifications ==== ===== 802.11 Specifications ====
links.txt ยท Last modified: 2017/06/24 18:56 by mister_x