Description: Welcome to Part 9 of the WLAN Security Megaprimer! Please start this series by watching Part 1 http://www.securitytube.net/video/1756, if you have not done so already.
In this video, we will look at hotspot based attacks. Most of us use public hotspots such as a Coffee Shops, Airport network etc. from time to time. We will learn how simple it is for an attacker to intrude your wireless privacy when you are on such a network.
The Attacker will scan the neighborhood to find all hotspot based access points. Then he will use airolib-ng to create a fake access point with the same ESSID as the hotspot. Once this is created, he will send De-Authentication messages to break the current connection between the authorized client and access point pair. Once the client is disconnected, it will try to reconnect back to the access point. At this point, if the attacker is closer to the client and has a higher signal strength than the authorized access point, then the client will mistakenly connect to the attacker's access point. Once this happens, the attacker can get IP connectivity to the client and will be able to run tools such as Nmap and Metasploit to compromise the security of the client.