SSID Stripping Attack: From Vulnerability to Tangible Threat

Emima Vaipan


Supervised by Eirini S Anthi; Moderated by Padraig Corcoran

This project aims to research and develop hardware tooling that can enable a range of attacks, including a phishing attack, against IEEE 802.11-compliant devices. This attack was recently detected in iPhones and can have lots of severe consequences such as a leak of sensitive data. More specifically, this vulnerability enables SSIDS to be crafted and allows for unintended behaviour in phones whey they ingest them.

This project will involve creating a hardware rogue Access Point that will implement a range of phishing attacks, as well as SSID stripping attacks on a range of handsets. It will also look into developing a suitable countermeasure.

Initial Plan (07/02/2022) [Zip Archive]

Final Report (27/05/2022) [Zip Archive]

Publication Form