BSidesLV has ended
Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
Back To Schedule
Wednesday, August 6 • 17:00 - 18:00
Pwning the Pawns with WiHawk

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!


The elements that play a major role in today’s network architecture are router, gateway, switch, hub, access point etc. In a typical network, wireless or wired router is the key element responsible for connecting the LAN to the internet. A router can be connected to two or more data lines from different network which play the important role of forwarding data packets within computer networks. Security measures at each and every component in network are imperative and there has been significant development in last decade to make networks even more secure. While powerful security rules have been implied at different components of network, router has been one such sensitive and essential element in network which is still poorly configured by companies. They can be compromised by attackers to gain unauthorized access to the private network and can lead to malicious activities like following:

1. An attacker could configure the router to use a malicious DNS (Domain Name System) server, which can then lead to redirection of users to malicious websites.
2. An attacker can set up port forwarding rules to expose internal network services to the Internet.

Vulnerabilities in the management interfaces of wireless routers, vulnerabilities in protocols, inconsistencies in router software and weak authentication can expose the device to remote attacks and thus can be compromised by attackers. These issues had been raised by researchers in late 2012 but even if companies provide patches to upgrade management interface and inconsistencies in router software, these vulnerabilities are unlikely to go away soon because many users never update their routers and other embedded systems.

Due to above said vulnerabilities there are different types of attacks possible on routers which have been identified:
DDos Attack
Brute Force
Buffer Overflow
Authentication BYpass
ROM-0 Attack
. In a wireless network there are thousands of Wi-Fi routers which are configured with default user name and passwords, which make them vulnerable to security breaches.

All we can do to find above mentioned vulnerability, scan your router manually and find if your router has any vulnerability mentioned above, But for a non-technical person it’s hard to find out if router is vulnerable or not, this is major reason millions of routers are left open to vulnerabilities and on top of it Vendors doesn’t provide patches for found vulnerability at same time.
Now finding these vulnerabilities and making sure that the router in use is not vulnerable to any of the mentioned vulnerabilities is not easy and so far we didn’t have any tool which will prompt you before being victim of attack that your router is vulnerable to any of the above mentioned attack.

WiHawk is an open source tool for auditing IP addresses to sniff out Wireless routers which are configured with default admin passwords and find out the routers which are vulnerable to Bypass Authentication, Cross Site Request Forgery, Buffer Overflow and FTP Authentication Bypass.
The tool can be used to identify following types of security vulnerabilities in provided IPs:

a) Authentication Bypass
b) Routers configured with default username/passwords
c) Buffer Overflow
d) Cross Site Request Forgery
e) ROM-0 attack
f) FTP authentication Bypass


Santhosh Kumar

Security Researcher, Near Security
Santhosh is Security Researcher from India who has been with the security Community since the AGE of 12. Santhosh is also a Founder of a Non Profit Project "Near Security" which mainly focuses on Providing Free and Open Infosec Education Around the Globe. Santhosh has Reported Security... Read More →

Wednesday August 6, 2014 17:00 - 18:00 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

Attendees (0)