Challenge of the week!
Last Post: June 6, 2006:
-
Have a client connect to an AP. Use whatever security mechanism you like.
Install CommView for WiFi on a laptop, capture a beacon from the AP, save it as a template, and then use CommView for WiFi's frame generator tool to customize the beacon to have channel 0 and the same SSID and BSSID as the legitimate AP. Transmit the beacon every 102.4 milliseconds (to simulate a real AP).
See what happens to the client. Please explain what happened here on the forum.
Thanks!
Devinator -
Sounds like a Beacon poisoning attack. I remember reading about this a few months ago as one of the DoS attacks that will be prevented with 802.11w protected management frames.
-
Hi Devin:
What is channel zero?
Is the fake beacon stream transmitted on the same channel as the original?
Thanks. /criss -
Yes, the fake beacon is a replica of the original with a different channel number.
Here's more info:
http://www.wirelessve.org/entries/show/WVE-2006-0050
Yes, the spoofed beacons are transmitted on the same channel as the real beacons.
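
A defender-side check for the spoofed beacons discussed in this thread, as an added example that is not part of the original posts: it parses beacon frames (802.11 header onward, no radiotap header or FCS) and flags a BSSID whose beacons advertise channel 0 or more than one channel. The sample frames, BSSID, SSID and helper names are constructed for illustration, and the valid range of 1 to 14 assumes a 2.4 GHz network.

```python
import struct

VALID_CHANNELS = range(1, 15)  # assumption: 2.4 GHz channel numbers 1-14

def sample_beacon(bssid, ssid, channel):
    """Constructed test frame: 24-byte header, 12 fixed bytes, SSID and DS IEs."""
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, 0x0401)
    return header + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])

def parse_beacon(frame):
    """Return (bssid, ssid, ds_channel), or None if the frame is not a beacon."""
    if len(frame) < 36 or frame[0] != 0x80:   # type 0 (mgmt), subtype 8 (beacon)
        return None
    bssid, ssid, channel = frame[16:22], None, None
    pos = 36                                   # first tagged information element
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:                 # truncated element: stop parsing
            break
        if tag == 0 and ssid is None:          # SSID element
            ssid = body
        elif tag == 3 and length == 1 and channel is None:  # DS Parameter Set
            channel = body[0]
        pos += 2 + length
    return bssid, ssid, channel

def find_anomalies(frames):
    """Return sorted (bssid, reason) pairs for suspicious beacon streams."""
    advertised, alerts = {}, set()             # advertised: BSSID -> channels seen
    for frame in frames:
        parsed = parse_beacon(frame)
        if parsed is None or parsed[2] is None:
            continue
        mac, channel = parsed[0].hex(":"), parsed[2]
        if channel not in VALID_CHANNELS:
            alerts.add((mac, "invalid channel %d" % channel))
        channels = advertised.setdefault(mac, set())
        channels.add(channel)
        if len(channels) > 1:                  # same BSSID, differing channels
            alerts.add((mac, "conflicting channels"))
    return sorted(alerts)

if __name__ == "__main__":
    ap = bytes.fromhex("020000aabbcc")         # constructed BSSID
    real, fake = sample_beacon(ap, b"corp", 6), sample_beacon(ap, b"corp", 0)
    print(find_anomalies([real, real, fake]))
```

The conflict check is keyed on BSSID rather than on the channel the frame was received on, because adjacent-channel reception in 2.4 GHz makes a receive-channel comparison unreliable.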