Wireless Security
Ghost ESSIDs in iPhone Aug 01 2011 02:06PM
Robin Wood (robin digininja org) (2 replies)
Re: Ghost ESSIDs in iPhone Aug 03 2011 04:19PM
Richard Farina (sidhayn gmail com)
On 08/01/11 10:06, Robin Wood wrote:
> I've been playing with some wifi stuff and, blame Vivek, I've been
> using my iPhone as a victim. At some point I manually added a new
> ESSID called fred. Since I did that whenever I turn wifi on on the
> phone it probes for fred but I can't find anywhere in the iPhone setup
> where I can edit or delete fred, it seems to be a ghost network that
> it is doomed to probe for forever but never connect to.
>
> I could set up an AP with this ESSID and maybe then it will appear and
> I can delete it but a normal user wouldn't think to do that and could
> end up probing for networks they know nothing about or have forgotten
> about.
>
> Has anyone else noticed this?
>
Yeah, I've been abusing it for years because there is no way for you to
remove an ssid from your preferred network list unless you are in range
of the ssid. idevices are pretty much the only thing still horribly
vulnerable to karma attacks.....oh and combine that with the sslstrip
attack from nearly a decade ago which they are vulnerable to
and.....well.... I hope that your iphone is only a test device and
doesn't haver personal info it.

-Zero_Chaos
> Robin
>

[ reply ]
RE: Ghost ESSIDs in iPhone Aug 01 2011 08:54PM
Jacqueline Primrose hhsc state tx us


 

Privacy Statement
Copyright 2010, SecurityFocus