AirSnarf

WVE ID: WVE-2005-0023

Type: Exploit

Status: Candidate

Classification:
Other

Description:
AirSnarf is a tool that automates the process of creating a Rogue AP.

Discussion:
AirSnarf consists of a setup script that configures a Linux system with a PRISM2-based wireless card as a Rogue AP. The main idea behind doing so is to create Rogue APs that compete with legitimate hotspot APs in order to steal user information.

To accomplish this, AirSnarf automatically configures the AP as a captive portal. Any DNS requests that a client makes will resolve to the access point's IP address. This allows an attacker to make a copy of a legitimate hotspot service's portal page in order to serve it from the Rogue AP. Therefore, users attempting to use the Rogue AP for wireless access will see the same familiar login portal that they're accustomed to seeing, but the login credentials they enter will be sent to the attacker.
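The DNS behaviour described above can be checked from the client side. The following is an added example, not part of the original entry or of AirSnarf: it probes for answer rewriting by resolving a name that must not exist and comparing answers for unrelated names. The function names, probe names and gateway address are assumptions, and a legitimate captive portal can trigger the same findings before login, so a hit means DNS is being intercepted, not that the AP is necessarily rogue.

```python
import secrets
import socket


def default_resolver(name):
    """Resolve a name to a set of IPv4 strings; empty set if it does not resolve."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()


def check_dns_wildcarding(probe_names, gateway_ip, resolver=default_resolver):
    """Return (suspicious, reasons) for the network the client is currently on."""
    reasons = []

    # A random label under the reserved .invalid TLD must never resolve.
    canary = secrets.token_hex(8) + ".invalid"
    if resolver(canary):
        reasons.append("nonexistent name resolved")

    # Unrelated names should not all come back with the identical answer set.
    answers = {name: resolver(name) for name in probe_names}
    resolved = [addrs for addrs in answers.values() if addrs]
    if len(resolved) >= 2 and all(addrs == resolved[0] for addrs in resolved):
        reasons.append("unrelated names share one answer")

    # Public names answered with the default gateway point at the AP itself.
    for name, addrs in answers.items():
        if gateway_ip in addrs:
            reasons.append(f"{name} resolved to the gateway")

    return bool(reasons), reasons


if __name__ == "__main__":
    # Constructed resolver that answers every query with the AP's address,
    # which is the behaviour the entry describes. Values are illustrative.
    def hijacking_resolver(name):
        return {"192.168.1.1"}

    suspicious, reasons = check_dns_wildcarding(
        ["example.com", "example.org"], "192.168.1.1", resolver=hijacking_resolver
    )
    print(suspicious, reasons)
```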

As AirSnarf is simply a script for automating the setup of a Rogue AP, it relies on many other software packages. AirSnarf currently requires the following software packages for operating under Linux:

* HostAP drivers
* iptables
* httpd/Apache
* dhcpd
* sendmail
* Perl's Net::DNS

Instead of using a full-blown DNS server, AirSnarf provides a lightweight one written in Perl, hence the requirement of Net::DNS. AirSnarf was originally developed and implemented on Linux; however, it is now available for Windows systems.

Credits
Author: Beetle (beetle@shmoo.com) : The Shmoo Group
Author: Bruce Potter (gdead@shmoo.com) : The Shmoo Group

References
URL: http://airsnarf.shmoo.com/

Released: 2003-08-01

Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry

Submitted: Mon Oct 31 17:17:28 -0800 2005

Candidate Date: Mon Oct 31 17:19:11 -0800 2005

