Penetration Testing mailing list archives
Re: tunneling through hotspot firewall
From: Daniel Gultsch <daniel () gultsch de>
Date: Fri, 24 Apr 2009 21:01:39 +0200
On Fri, 24 Apr 2009 00:17:13 -0400 Paul Melson <pmelson () gmail com> wrote:
> You will run into issues with sequence numbers in the 802.11 frames.
I read a paper that the sequence numbers could be checked but usually aren't. I could google it again but it was something with "mac spoofing detection sequence numbers". However, I'm not entirely sure about this. I'm kinda worried about the flow control on Layer 1 and 2. You know, which client can start transmitting - it's a shared medium and such. As I said before: my understanding of the above layers 3,4 is good enough that I can tell it's working, but I don't know.... Doesn't somebody on this list know something about WLAN and flow control on shared media?!
> But why bother impersonating a whitelisted client address when you can hijack it altogether with ARP poisoning?
because I want the original client to be still able to use the hotspot and not knowing there is an attacker.
- daniel
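The sequence-number check mentioned in the message above, sketched from the monitoring side as an added example that is not part of the original post: a passive sensor tracks the 12-bit sequence number per source MAC and flags addresses whose counter keeps jumping, which is what two transmitters sharing one address look like. The thresholds, function names and sample frames are assumptions constructed for illustration.

```python
from collections import defaultdict

SEQ_MOD = 4096      # 802.11 sequence numbers are 12 bits and wrap at 4096
MAX_GAP = 64        # assumed tolerance for frames the sensor did not hear
MIN_ANOMALIES = 3   # assumed number of odd gaps before a MAC is reported

def split_seq_ctrl(seq_ctrl):
    """Split the 16-bit Sequence Control field into (sequence, fragment)."""
    return seq_ctrl >> 4, seq_ctrl & 0xF

def find_shared_macs(frames):
    """frames: iterable of (src_mac, seq_ctrl) in capture order.
    Returns {mac: anomaly_count} for MACs with >= MIN_ANOMALIES odd gaps."""
    last_seq = {}
    anomalies = defaultdict(int)
    for mac, seq_ctrl in frames:
        seq, _frag = split_seq_ctrl(seq_ctrl)
        if mac in last_seq:
            # Forward distance modulo 4096, so a normal wrap 4095 -> 0 is 1.
            gap = (seq - last_seq[mac]) % SEQ_MOD
            # gap 0: retransmission or next fragment; small gap: missed frames.
            # Caveat: QoS stations keep one counter per TID, so a real sensor
            # must key on (mac, tid) or it will flag them falsely.
            if gap > MAX_GAP:
                anomalies[mac] += 1
        last_seq[mac] = seq
    return {m: n for m, n in anomalies.items() if n >= MIN_ANOMALIES}

def frame(mac, seq, frag=0):
    """Build a constructed (mac, seq_ctrl) sample record."""
    return (mac, (seq << 4) | frag)

# Constructed sample capture (locally administered addresses, not real data).
CLEAN = "02:00:00:00:00:0a"    # one station, counter wraps and skips one frame
SHARED = "02:00:00:00:00:0b"   # two interleaved counters behind one address
SAMPLE = (
    [frame(CLEAN, s) for s in (4093, 4094, 4095, 0, 1, 3)]
    + [frame(SHARED, s) for s in (2000, 350, 2001, 351, 2002, 352)]
)

if __name__ == "__main__":
    for mac, count in find_shared_macs(SAMPLE).items():
        print(f"{mac}: {count} sequence-number jumps, possible shared MAC")
```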