Description: Cisco access points support WPA migration mode, which enables both WPA and WEP clients to associate to an access point using the same Service Set Identifier (SSID). If WEP clients are still around, we can use the traditional WEP cracking arsenal against them. Therefore, we focused on analyzing the consequences of having this feature enabled when no WEP clients are present; for example after the migration to WPA has been carried out but this feature has been left enabled. We found that it is possible for an attacker to crack the WEP key under this scenario (i.e. no WEP clients). Once the key is recovered, it is possible to connect to the access point using this key (as it is operating in WPA migration mode) and access the network.
Slides : - http://media.blackhat.com/bh-us-10/whitepapers/Meiners_Sor/Blackhat-USA-2010-Meiners-Sor-WEP-is-back-to-haunt-you-wp.pdf
http://media.blackhat.com/bh-us-10/presentations/Meiners_Sor/Blackhat-USA-2010-Meiners-Sor-WEP-is-back-to-haunt-you-slides.pdf
Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , blackhat10 , blackhat-2010 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.