release of a hacking tool that targets wireless networks running its LEAP wireless authentication protocol.
The tool, called “Asleap,” allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication
Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on
Wednesday.
Cisco did not immediately respond to requests for comment.
The tool was designed to compromise WLANs using LEAP using so-called “dictionary attacks” to exploit weakly protected passwords, according to the
message, which purports to be from Joshua Wright, a network engineer at Johnson & Wales University in Providence, Rhode Island. Wright made headlines
in August after he publicized the password vulnerability in LEAP.
Link: infoworld.com
Category:
- Security
