Re: OID_802_11_ADD_KEY/OID_802_11_REMOVE_KEY Vulnerabilities
- From: "Thomas F. Divine" <tdivine@NOpcausaSPAM>
- Date: Tue, 10 Jul 2007 00:25:42 -0400
The NDIS team modifies WMI to suit their own needs. In particular, they modify WMI so 802.11 settings that may effect the behavior of Microsoft software are not permitted. Trying to use these properties will simply fail.
Personally, I think this is a bad approach and shows a shortcoming of WMI. There should be a way for software (such as Microsoft's Zero Config) to programmatically obtain exclusive control over these settings WHILE IT WAS RUNNING. However, if WZC is stopped, the WMI control limitations should be released so third-parties could use them.
In any event, I doubt that you can do anything with WMI that will effect anything related to 802.11.
Thomas F. Divine
"Jake" <ImInSoquel@xxxxxxxxxxxxx> wrote in message news:Ou6Z$D2uHHA.3796@xxxxxxxxxxxxxxxxxxxxxxx
Hi!
Can any process issue set requests of OID_802_11_ADD_KEY or OID_802_11_REMOVE_KEY via WMI? If so, isn't that a huge problem where malware could disrupt a WPA/WPA2 association by corrupting/removing the key material plumbed to a WLAN device after the 802.1X authentication?
Thanks!
.
- References:
- Prev by Date: Re: NDIS IM Layering
- Next by Date: Re: NDIS IM Layering
- Previous by thread: OID_802_11_ADD_KEY/OID_802_11_REMOVE_KEY Vulnerabilities
- Next by thread: Looking for sample code that for PICe interface
- Index(es):
Relevant Pages
|
