Off-path TCP hijacking in NAT-enabled Wi-Fi networks
Guest Post: A newly discovered off-path TCP hijacking attack in Wi-Fi networks exploits vulnerabilities in the NAT mapping strategies of routers.
Figure 4 — Snapshots of web poisoning.
We conducted tests on 67 mainstream routers from 30 different manufacturers, including 360, Aruba, ASUS, Amazon, Cisco Meraki, China Mobile, Comfast, D-Link, GL.iNet, Google, H3C, Huawei, IP-COM, iKuai, JdCloud, Linksys, Mercury, Netgear, Netcore, Ruijie, Skyworth, Tenda, TP-Link, Ubiquiti, Volans, Wavlink, WiMaster, Xiaomi, ZTE, pfSense, and others. Our case studies indicate that terminating SSH connections, downloading private files from FTP servers, and injecting false HTTP response packets on average took 17.5, 19.4, and 54.5 seconds, respectively, with success rates of 87.4%, 82.6%, and 76.1%. In our testing, routers from ASUS, Netgear, ZTE, Aruba, Cisco Meraki, TP-Link, and Mercury default to this recommendation, thus enhancing defence against our attacks.