Rf
Obtaining shells via Logitech Unifying Dongles
In this post, I will recap some of the security research conducted on wireless keyboards and mice, and eventually show how current wireless keyboards and mice can be used to obtain a covert shell on a target computer. Around 2009, Max Moser realised that most wireless keyboards were simply transmitting the keystrokes in clear text. His initial research targeted systems using 27MHz radios. In 2010, he presented followup research targeting…
Understanding PEAP In-Depth
tl;dr We reported a long standing PEAP bug in all Apple devices that would allow an attacker to force any Apple device (iOS, macOS or tvOS) to associate with a malicious access point, even if the authentication server (RADIUS) couldn’t prove knowledge of the password. To understand it fully, we go on a deep dive into EAP and MSCHAPv2. PEAP at a High LevelMSCHAPv2Decrypting the Inner TunnelThe Inner MSCHAPv2 ExchangeByte-Level…
Page 1 of 1