Pwning the Pawns with WiHawk

Presented at AppSec USA 2014, Sept. 19, 2014, 3 p.m. (45 minutes)

The elements that play a major role in today's network architecture are router, gateway, switch, hub, access point etc. In a typical network, wireless or wired router is the key element responsible for connecting the LAN to the internet. A router can be connected to two or more data lines from different network which play the important role of forwarding data packets within computer networks. Security measures at each and every component in network are imperative and there has been significant development in last decade to make networks even more secure. While powerful security rules have been implied at different components of network, router has been one such sensitive and essential element in network which is still poorly configured by companies. They can be compromised by attackers to gain unauthorized access to the private network and can lead to malicious activities like following:           1.     An attacker could configure the router to use a malicious DNS (Domain Name System) server, which can then lead to redirection of users to malicious websites. 2.    An attacker can set up port forwarding rules to expose internal network services to the Internet. Vulnerabilities in the management interfaces of wireless routers, vulnerabilities in protocols, inconsistencies in router software and weak authentication can expose the device to remote attacks and thus can be compromised by attackers. These issues had been raised by researchers in late 2012 but even if companies provide patches to upgrade management interface and inconsistencies in router software, these vulnerabilities are unlikely to go away soon because many users never update their routers and other embedded systems.


  • Santhosh Kumar - Security Researcher - Near Security
    Santhosh is Security Researcher from India who has been with the security Community since the AGE of 12. Santhosh is also a Founder of a Non Profit Project "Near Security" which mainly focuses on Providing Free and Open Infosec Education Around the Globe. Santhosh has Reported Security vulnerabilities for many companies such as INTEL,IBM, Yahoo, Microsoft, Cisco Etc. Santhosh enjoys learning new things in the age of Digital Security and Develop certain Open Source Security tool to Benefit the Developers and End Users. Santhosh has also reported various Security Holes in Different SOHO routers and their Firmware. He was also a part of the DC group which was first DC group ever opened for India.


Similar Presentations: