Dailydave mailing list archives
Re: Slashback!
From: Alexander Bochmann <ab () lists gxis de>
Date: Mon, 16 Jan 2006 18:57:20 +0100
...on Sun, Jan 15, 2006 at 09:56:14AM -0600, Technocrat wrote:
Dave Aitel wrote:How does this: http://it.slashdot.org/it/06/01/15/0815207.shtml Differ from this: http://www.theta44.org/karma/index.htmlGood point, I have heard of this attack before now..it isn't very "new" just not talked about in a large public forum before now.
Perhaps I'm missing something critical here, but this seems exactly like the thing that hotspotter[1] is targeting, and that was released in April 2004.
From the readme: "A Windows XP client will probe for all
the preferred network names listed in the wireless client configuration during startup, powersave-wakeup and when the driver reports signal loss for the current network name. [..] Due to this configuration, it is possible to force a client to disclose the list of configured profiles, and then establish a connection to a rogue network using one of the preferred network names." Alex. [1] http://www.remote-exploit.org/index.php/Hotspotter_main
Current thread:
- Slashback! Dave Aitel (Jan 15)
- Re: Slashback! Dino A . Dai Zovi (Jan 15)
- Re: Slashback! H D Moore (Jan 15)
- Re: Slashback! Kurt Grutzmacher (Jan 16)
- Re: Slashback! Mike Kershaw (Jan 17)
- Re: Slashback! Kurt Grutzmacher (Jan 16)
- Re: Slashback! Technocrat (Jan 15)
- Re: Slashback! Alexander Bochmann (Jan 16)
- Re: Slashback! Dino A. Dai Zovi (Jan 16)
- Re: Slashback! Alexander Bochmann (Jan 16)
- <Possible follow-ups>
- RE: Slashback! Taylor, Gord (Jan 16)
- Re: Slashback! Dino A. Dai Zovi (Jan 16)
- Re: Slashback! byte_jump (Jan 17)
- Re: Slashback! Curt Wilson (Jan 17)
- Re: Slashback! Dino A. Dai Zovi (Jan 16)
- RE: Slashback! Taylor, Gord (Jan 16)
- RE: Slashback! Skyler King (Jan 18)
- RE: Slashback! Dave Korn (Jan 18)
- RE: Slashback! Skyler King (Jan 18)