Overview
Explore three novel security-related design flaws in Wi-Fi and various widespread implementation flaws in this 37-minute Black Hat conference talk. Learn how adversaries can exploit these vulnerabilities to inject packets or exfiltrate selected frames, with a demonstration on using packet injection to bypass router NAT and connect to internal devices. Delve into the history of Wi-Fi security, aggregation techniques, and attack scenarios. Understand the intricacies of how fragmentation works, its design flaws, and aggregation design flaws. Examine implementation flaws, cloaked A-MSDUs, and other vulnerabilities in Wi-Fi systems. Gain valuable insights from security researcher Mathy Vanhoef on protecting Wi-Fi networks from these "FragAttacks."
Syllabus
Introduction
History of Wi-Fi Security
Aggregation
Attack Scenario
Demonstration
How it works
How fragmentation works
Fragmentation design flaw
Aggregation design flaw
Implementation flaws
Cloaked A-MSDUs
Other flaws
Taught by
Black Hat