Twibow, posted April 5, 2023

Hello, I recently discovered CVE-2022-47522, which seems to affect most of the equipment on the market.

To summarize the vulnerability: once a device is connected to a Wi-Fi network, we can assume that packets are routed to the machines using the MAC address. Therefore, in order to carry out the attack, the hacker must disconnect a targeted device by connecting to it, spoofing its MAC address. This attack is possible because the CVE-2022-47522 vulnerability, located in the power-saving mechanism of the IEEE 802.11 standard, allows overriding the Wi-Fi client isolation feature, but also Dynamic ARP Inspection.

Full details in the published research paper: https://papers.mathyvanhoef.com/usenix2023-wifi.pdf

Mathy Vanhoef published a well-documented PoC on GitHub to test if a LAN is vulnerable. PoC available here: https://github.com/vanhoefm/macstealer

I think it would be particularly interesting to integrate the tool as a module for the PineApple. What do you think about it?
dark_pyrro, posted April 6, 2023

This has been around in the news for about a week now and I don't see any real reason to make a module out of it, unless a wider kind of "attack surface" can be discovered related to the flaw. We'll see how it develops as vendors analyze it all (Cisco has this far tagged it as "Informational"). As it has been described this far (and the reactions to it), I wouldn't throw myself over the keyboard and start sweating to create a module for it.