Penetration Testing mailing list archives
Re: Vulnerability Scanner for Wireless Card Drivers
From: Joshua Wright <jwright () hasborg com>
Date: Mon, 14 Sep 2009 14:44:31 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Has any one heard of a VS for wireless card drivers? What I mean is a tool that you have on your laptop and scan the laptops that are probing into the air, for driver versions with vulnerabilities (something common).
I wrote a wireless driver VA scanner while working at Aruba called WiFiDEnum: https://labs.arubanetworks.com/ This is not a passive monitor-mode scanner. It reaches the host over the WMIC protocol to enumerate registry keys using the logged-in user's credentials (or alternate specified administrative credentials) and uses a local MS Access database of known driver vulnerabilities to generate a short HTML or XML vulnerability report. I haven't been maintaining WiFiDEnum since leaving Aruba for InGuardians, but you could easily download the tool and update the Access DB supplied to add new driver information based on NIST NVD entries. If you run into trouble, drop me a note. - -Josh -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iEYEARECAAYFAkquuT8ACgkQapC4Te3oxYxldwCfdgNwEL4HKAbUPReYhhGZDlFs nHgAnj6Gu0eJ4Ozibrk1CBvEP33KLdA1 =lN56 -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Vulnerability Scanner for Wireless Card Drivers Yiannis Koukouras (Sep 14)
- Re: Vulnerability Scanner for Wireless Card Drivers Joshua Wright (Sep 15)
- Re: Vulnerability Scanner for Wireless Card Drivers Joshua Gimer (Sep 15)