Menu

Database

Hotspotter

WVE ID: WVE-2005-0054

Type: Exploit

Status: Candidate

Classification:
Hijacking

Description:
Hotspotter is a tool used to exploit wireless clients probing for their preferred networks.

Discussion:
Hotspotter is a free open source tool that will passively monitor probe
requests from Windows XP clients and compares them to common
"hotspot" SSID names. If there is a match with the client’s request,
the rogue client will act as an AP with the same SSID.
Once associated to the rogue AP the hacker can assign an IP via
DHCP or run other scanning tools against the victim.

Credits
Author: Joshua Wright (jwright@hasborg.com) : None
Author: Max Moser (mmo@remote-exploit.org) : remote-exploit.org

References
URL: http://www.remote-exploit.org/index.php/Hotspotter_main
URL: http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019764.html

Released: 2004-04-05

Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry

Submitted: Thu Dec 01 10:46:23 -0800 2005

Candidate Date: Thu Dec 01 12:57:12 -0800 2005


Recent Entries

Weaknesses in the A5/1 Cipher
WVE-2008-0007 4/9/2008
Block ACK DoS
WVE-2008-0006 4/9/2008
GF Mode WIDS Rogue AP Evasion
WVE-2008-0005 4/9/2008
HT Intolerant Degradation of Service
WVE-2008-0004 4/9/2008
Sidejacking
WVE-2008-0003 4/2/2008
ZiPhone
WVE-2008-0002 4/2/2008
RADIUS Key Delivery Exposure
WVE-2008-0001 3/21/2008
BackTrack
WVE-2007-0020 11/19/2007
Airoscript
WVE-2007-0019 11/19/2007
airoway.sh
WVE-2007-0018 11/19/2007
More Entries...

News

SANS Institute Sponsors WVE
4/19/2008
Wireless Attackers and Honeypot Technology
4/15/2008
High Speed Risks in 802.11n Slides Posted
4/11/2008
Vulnerabilities in 802.11n
4/9/2008
WVE Editors Speaking at SHARKFEST.08
1/3/2008
More News...