Lure10: Exploiting Windows Automatic Association Algorithm
Lure10 is a novel technique presented at the Hack-in-the-Box 2017 conference in Amsterdam that enables an attacker to automatically achieve a man-in-the-middle position against wireless devices running the Windows operating system. The attack requires no user interaction and exploits the "Wi-Fi Sense" feature found in recent versions of the Microsoft Windows platform.
Hack In The Box 2017 Amsterdam
CENSUS researcher George Chatzisofroniou presented a novel WiFi attack technique named 'Lure10' at the CommSec track of the Hack In the Box 2017 conference in Amsterdam. The technique allows the automatic association of a Windows device to an attacker-controlled WiFi access point. The attacker may then mount a series of Man-in-the-Middle attacks to the victim device.
Fuzzing Objects d’ART — Hack In The Box 2015 Amsterdam
Hello, my name is Anestis Bechtsoudis and I’m a security engineer at CENSUS. I recently gave a talk on Android ART runtime fuzzing techniques at the Hack-in-the-Box 2015 Amsterdam security conference. The talk entitled “Fuzzing Objects d’ART — Digging Into the New Android L Runtime Internals”, analyzed a series of DEX smart fuzzing techniques targeting the bytecode optimization and compilation components of the new Android ART runtime.
Hack in the Box 2015 Amsterdam
CENSUS security engineer Anestis Bechtsoudis delivered the "Fuzzing Objects d’ART" presentation at the Hack In The Box 2015 conference, in Amsterdam, Netherlands. The presentation provided an overview of the new Android Runtime (ART, introduced in the Android Lollipop release) and described the fuzzing mechanism that was required to identify bugs in the ART optimization process. Such bugs could be used by attackers to remotely execute code on any Android device running the Lollipop release.