無線網路的端點, 也就是這些無線網路的使用者, 近來已成為新興的攻擊目標, 攻擊者利用這些端點電腦上的系統弱點, 例如, 無線網路卡驅動程式的漏洞, 進行漏洞攻擊, 以取得這些電腦的控制權限, 進而利用這些電腦, 當成進入企業無線網路的跳板。另外, 駭客也可以利用無線網路釣魚的方式, 假冒企業的認證網頁, 騙取登入網路的帳號及密碼。
目前已經發現的無線網卡驅動程式有弱點的, 包含了:
• D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
• NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability
• NetGear WG311v1 Wireless Driver SSID Heap Buffer Overflow Vulnerability
• NetGear MA521 Wireless Driver Long Beacon Probe Buffer Overflow Vulnerability
• Broadcom BCMWL5.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
• MADWiFi Linux Kernel Device Driver Multiple Remote Buffer Overflow Vulnerabilities
• Intel PRO/Wireless Network Connection Drivers Remote Code Execution Vulnerabilities
• Apple Mac OS X Airport Wireless Driver Multiple Buffer Overflow Vulnerabilities
• D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
• NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability
• NetGear WG311v1 Wireless Driver SSID Heap Buffer Overflow Vulnerability
• NetGear MA521 Wireless Driver Long Beacon Probe Buffer Overflow Vulnerability
• Broadcom BCMWL5.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
• MADWiFi Linux Kernel Device Driver Multiple Remote Buffer Overflow Vulnerabilities
• Intel PRO/Wireless Network Connection Drivers Remote Code Execution Vulnerabilities
• Apple Mac OS X Airport Wireless Driver Multiple Buffer Overflow Vulnerabilities
而這些弱點, 除了最後兩個還沒有公開的攻擊程式之外, 其餘的都已經有相對應的攻擊程式 (MetaSploit 裡提供了好幾個) 。
文章標籤
全站熱搜
