Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Wireless Networking Flaw Identified

Posted by Zonk on from the like-me-complicated-but-interesting dept.

An anonymous reader writes "Washingtonpost.com is reporting from the 2nd annual Shmoocon hacker conference about the release of a previously undocumented vulnerability in Windows. The flaw takes advantage of a feature on Windows laptops that have wireless cards built-in. Security researcher Mark Loveless found that Windows laptops which cannot find a wireless connection are configured to broadcast the name of the last SSID they associated with. They assign themselves an ad-hoc 'link local' (think 169.254.x.x.) address, and an attacker can configure his machine to broadcast an SSID of the same name. Thus, the attacker associates with that 'network' and communicates directly with the victim's machine. The funny part from the Post blog entry is that Microsoft helped author the RFC for link local."

12 of 225 comments (clear)

  1. That's cool by BishopSRQ · · Score: 3, Funny

    I think I will go test this out on my parents...

  2. Re:Class Action Lawsuite by Philomathie · · Score: 2, Funny

    If that was possible the richest man in the world would be a lawyer...

  3. Damn!!!! by Anonymous Coward · · Score: 4, Funny

    There goes my mobile botnet...

  4. Security? by yobjob · · Score: 5, Funny

    Does anyone actually secure their wireless network? I actually have the problem that, on startup, my computer connects to my neighbour's wireless network instead of my own!

    --
    Czech language for absolute beginners
    1. Re:Security? by Lxy · · Score: 4, Funny

      No they don't. True story:

      I bought a new wireless card for Christmas. I was working on getting the madwifi stuff working in Debian and I decided not to set up my AP until I had my wireless card working. Besides, I'm a n00b to wireless under linux so I wanted to take appropriate precauitons.

      I got the card working, and iwlist brought up two APs in my neighborhood. One name "simpsons" and one name "zr45ytg" or something similar with WEP enabled. Not being 1337, I left the WEP one alone (for now) and decided to hop onto simpsons. As you can probably guess, I was given a private IP and internet access. A quick nmap showed two Windows machines connected, using smbclient I found an open printer share.

      Digging farther, I tried to log into the AP itself. Linksys WRT54G with, you guessed it, defult passwords. Oh, let the fun begin! I changed his SSID to "0wn3d" and sent the relevant sections of the Linksys WRT54G manual to his printer. This guy now should know how to set up WEP and change his admin password. He should also notice that his SSID changed.

      One week later, still broadcasting an SSID of 0wn3d, no WEP, and default admin password. Either he didn't get the message or he's illiterate. Oh well, free internet for me!

      --

      There is no reasonable defense against an idiot with an agenda
      :wq
    2. Re:Security? by TubeSteak · · Score: 2, Funny

      Here's the complete text of War and Peace

      Try printing that out and see if he doesn't notice.

      --
      [Fuck Beta]
      o0t!
    3. Re:Security? by Anonymous Coward · · Score: 1, Funny

      Oh crap, I guess I should stop using the internet then!

    4. Re:Security? by isorox · · Score: 2, Funny

      This is why anyone that works in IT is treated like shit, because end users assume we hate them and won't do anything to help.

      Well, to be fair...

  5. What?! NO! by mike518 · · Score: 3, Funny

    Another Networking Flaw? Dam, i mean the first 74 were completely predictable, but i have to say this one caught me completely off guard. You win this round malicious hackers *shakes fist into air*.

    --
    Mike
    I heart the RIAA & MPAA, im sure its mutual...
  6. Re:Should be standard on all laptops and desktops by tunah · · Score: 4, Funny

    I hope he's not referring to the power button.

    --
    Free Java games for your phone: Tontie, Sokoban
  7. large violins by gEvil+(beta) · · Score: 3, Funny

    Viola! His machine was assigned a different 169.254.x.x address...

    Good to see that technology journalists are so enthusiastic about orchestra instruments.

    --
    This guy's the limit!
  8. HELP! NIC works as intenden1?!!?!?!!? by vsync64 · · Score: 5, Funny
    Oh noes! If my network interface is up you can send me packets that I have to accept or reject?1!!?!? HWATEVER SHALL I DO PLEASE HELPE ME

    i have heard of an even worse vulnerabelity! if you hack yuor micthorwave oven to have teh door open it will JAM MY 80211 packets!!?!!?!!?!?!?!!?!

    Also risk of cooking!

    tell steve gibson of GRC he will save us

    --
    TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.