POSTED BY: census / 26.04.2017

Hack In The Box 2017 Amsterdam

CENSUS researcher George Chatzisofroniou presented a novel WiFi attack technique named 'Lure10' at the CommSec track of the Hack In the Box 2017 conference in Amsterdam. The technique allows the automatic association of a Windows device to an attacker-controlled WiFi access point. The attacker may then mount a series of Man-in-the-Middle attacks to the victim device.

Photo courtesy of HELPNETSECURITY

The slides from George's talk are available here while a video recording of the presentation can be found here.

Following the talk, a new version of the Wifiphisher tool (version 1.3) was released that automates this attack.

Update: The HELPNETSECURITY news site has authored a nice overview of the presentation, available here.