Full Disclosure mailing list archives
Apple and Wifi Hotspot Credentials Management Vulnerability
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 17 Jun 2013 15:35:18 -0400
This vulnerability was published to the OWASP Mobile Security list as a research paper by Andreas Kurtz, Daniel Metz and Felix Freiling. See "Cracking iOS personal hotspots using a Scrabble crossword game word list," http://lists.owasp.org/pipermail/owasp-mobile-security-project/2013-June/000640.html. It appears Apple Wifi hotspot passwords are generated using a wordlist consisting of 1842 words. The authors built a customer cracker to aide in recovery of the Wifi hotspot passwords. The paper's homepage can be found at https://www1.cs.fau.de/hotspot. The paper does not offer a CWE classification or CVE at this point in time. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Apple and Wifi Hotspot Credentials Management Vulnerability Jeffrey Walton (Jun 17)
- Re: Apple and Wifi Hotspot Credentials Management Vulnerability Jeffrey Walton (Jun 17)