Saturday, April 13, 2024

Snappy – A New Tool to Detect Fake WiFi Access Points

A new tool named “Snappy” developed by cybersecurity experts, can assist in identifying rogue WiFi access points that aim to steal data from users who are unaware.

Tom Neaves, a security researcher with Trustwave and an enthusiast of wireless and RF technology, claims it is simple for determined attackers to fake the MAC addresses and SSIDs of reliable access points on open networks.

It is too simple for an attacker to set up their own Access Point with the same SSID and have the users connect to it, which is an issue for users, especially for those utilizing open wireless networks (coffee shops, supermarkets, etc.).

Particularly if the attacker is also spoofing the legitimate Access Point’s MAC address, the user truly has no way of knowing they are not on the genuine one.

In this case, Man-in-the-middle attacks allow threat actors to intercept and examine transmitted data since they are in control of the router.

Notably, a Media Access Control address (MAC address) is a unique identification issued to a network interface controller (NIC) for use as a network address in communications within a network segment.

This is widespread use in most IEEE 802 networking technologies, such as Ethernet, Wi-Fi, and Bluetooth.

MAC addresses are sometimes referred to as the built-in address, Ethernet hardware address, hardware address, or physical address since device makers typically assign them.

Each address may be saved either by a software mechanism or in hardware, such as the read-only memory on the card.

Snappy Tool To Identify Rogue Access Points

Snappy, created by Neaves, is an indispensable tool that effectively distinguishes authentic access points from suspicious ones.

With Snappy’s recognition capabilities, this common issue can now be easily resolved by identifying if it is the same access point that was used previously.

To create a signature, he needed to identify several components (elements, parameters, tags, etc.) in the beacon frame that were sufficiently distinct between access points both individually and collectively to serve as a fingerprint.

He says the idea of a signature, however, would not function if these values changed throughout time and remained constant to themselves.

Elements that characterize an access point

He discovered several static elements by examining Beacon Management Frames, including the vendor, BSSID, supported rates, channel, country, maximum transmit power, and others, that alter between various 802.11 wireless access points but remain constant for a particular access point over time.

The researcher calls the tool (Snappy), using the word “snap” (as in “snapshot”) to use this item and also not at all/only once substantially inspired by the Python file extension “.py,” which properly rounds off the situation.

Additionally, he reasoned that he could combine these components and hash them with SHA256 to produce a distinctive signature for each access point that a scanner tool could use to identify matches and mismatches.

Snappy in action, a SHA256 hash created for the wireless access point

In addition to the process for producing SHA256 hashes of wireless access points, Snappy can also identify access points made by Airbase-ng, a tool that attackers employ to make fake access points to intercept packets sent by connected users or even to snoop on their network traffic.

As long as Python is available, running Python scripts on laptops should be simple, but users of mobile devices will need to go above and beyond to find specialized interpreters and emulators.

“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.


Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles