Wireless Security
Fwd: Ghost ESSIDs in iPhone Aug 04 2011 01:22PM
Chris Hammond-Thrasher (thrashor gmail com)
Richard,

Are you saying that the only way to remove a preferred ssid from an
iOS device is to setup an AP with that ssid, connect to it, and then
thumb "forget network"? This is indeed a serious karma risk.

-cht

On Wed, Aug 3, 2011 at 10:19, Richard Farina <sidhayn (at) gmail (dot) com [email concealed]> wrote:
>
> On 08/01/11 10:06, Robin Wood wrote:
>>
>> I've been playing with some wifi stuff and, blame Vivek, I've been
>> using my iPhone as a victim. At some point I manually added a new
>> ESSID called fred. Since I did that whenever I turn wifi on on the
>> phone it probes for fred but I can't find anywhere in the iPhone setup
>> where I can edit or delete fred, it seems to be a ghost network that
>> it is doomed to probe for forever but never connect to.
>>
>> I could set up an AP with this ESSID and maybe then it will appear and
>> I can delete it but a normal user wouldn't think to do that and could
>> end up probing for networks they know nothing about or have forgotten
>> about.
>>
>> Has anyone else noticed this?
>>
> Yeah, I've been abusing it for years because there is no way for you to remove an ssid from your preferred network list unless you are in range of the ssid.  idevices are pretty much the only thing still horribly vulnerable to karma attacks.....oh and combine that with the sslstrip attack from nearly a decade ago which they are vulnerable to and.....well.... I hope that your iphone is only a test device and doesn't haver personal info it.
>
> -Zero_Chaos
>>
>> Robin
>>
>

--
Chris Hammond-Thrasher BA(hons) MLIS CISSP
thrashor (at) gmail (dot) com [email concealed]

--
Chris Hammond-Thrasher BA(hons) MLIS CISSP
thrashor (at) gmail (dot) com [email concealed]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus