Ah another way to exploit wifi, what a surprise!
Security researchers have found a way to seize control of a laptop computer by manipulating buggy code in the system’s wireless device driver.
The hack will be demonstrated at the upcoming Black Hat USA 2006 conference during a presentation by David Maynor, a research engineer with Internet Security Systems and Jon Ellch, a student at the U.S. Naval postgraduate school in Monterey, California.
Another good reason to go to Black Hat 2006! See our list of Security Conferences & Events here.
Hmm fuzzing device drivers, long and tedious, but often leads to a way in. Well come to think of it, fuzzing most things breaks them eventually.
Device driver hacking is technically challenging, but the field has become more appealing in recent years, thanks in part to new software tools that make it easier for less technically savvy hackers, known as script kiddies, to attack wireless cards, Maynor said in an interview.
The two researchers used an open-source 802.11 hacking tool called LORCON (Lots of Radion Connectivity) to throw an extremely large number of wireless packets at different wireless cards. Hackers use this technique, called fuzzing, to see if they can cause programs to fail, or perhaps even run unauthorized software when they are bombarded with unexpected data.
The scary thing is the victim doesnt need to connect to a network or anything, they just need to have the wireless device enabled and be in range, then boom hello! owned.