Jump to content

[CVE-2022-47522] MacStealer: Wi-Fi Client Isolation Bypass


Twibow

Recommended Posts

Hello,

I recently discover the CVE-2022-47522 which seems to affect most of the equipment on the market.

To summarize the vulnerability: Once a device is connected to a Wi-Fi network, we can assume that packets are routed to the machines using the MAC address. Therefore, in order to carry out the attack, the hacker must disconnect a targeted device by connecting to it spoof its MAC Adress. This attack is possible because the CVE-2022-47522 vulnerability, located in the power-saving mechanism of the IEEE 802.11 standard, allows to override the Wi-Fi client isolation feature, but also the Dynamic ARP Inspection.

Full details in research publish paper : https://papers.mathyvanhoef.com/usenix2023-wifi.pdf 

attack.png

Mathy Vanhoef published a well documented POC to test if a LAN is vulnerableon GitHub.

POC Available herehttps://github.com/vanhoefm/macstealer

I think it would be particularly interesting to integrate the tool as a module for the PineApple.

What do you think about it ?

Link to comment
Share on other sites

This has been around in the news for about a week now and I don't see any real reason to make a module out of it, unless a wider kind of "attack surface" can be discovered related to the flaw. We'll see how it develops as vendors analyze it all (Cisco has this far tagged it as "Informational"). As it has been described this far (and the reactions to it), I wouldn't throw myself over the keyboard and start sweating to create a module for it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...