Explore new attack surfaces of Wi-Fi Mesh networks in this 30-minute Black Hat conference talk. Delve into the world of Internet of Things (IoT) and Wi-Fi Mesh technology, examining its advantages in self-organization, self-management, and self-healing compared to traditional networks. Learn about the EasyMesh standard, Wi-Fi Mesh architecture, and network building processes. Discover two key attack surfaces and understand how to exploit vulnerabilities in network build and control mechanisms. Gain insights into MeshFuzzer, a tool for identifying security weaknesses, and examine a case study involving the MediaTek MT7915 Wi-Fi chipset. Conclude with suggestions for improving Wi-Fi Mesh security and potential areas for future research in this rapidly evolving field.
BadMesher - New Attack Surfaces of Wi-Fi Mesh Network
Overview
Syllabus
Intro
What is Wi-Fi Mesh
What is EasyMesh
Architecture
Mesh Network Build
Mesh Network Control IEEE 1905 1a
Attack Surfaces Two attack surfaces
Attack Network Build
Attack Network Control
MeshFuzzer
Mutation Strategy
Fuzzing Network Build
Fuzzing Network Control
Case Study
MediaTek MT7915 Wi-Fi Chipset
Memory Corruption
Violation of Security Principles
Suggestions
Summary
Future Research
Taught by
Black Hat
Related Courses
-
BrokenMesh - New Attack Surfaces of Bluetooth Mesh
-
Wi-Fi Brokering
-
Sweet Dreams - Abusing Sleep Mode to Break Wi-Fi Encryption and Disrupt WPA2/3 Networks
-
Kr00k - Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
-
FragAttacks - Breaking Wi-Fi through Fragmentation and Aggregation
-
WiFuzz - Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
