Reply to post: Re: Oh dear.

Take a pinch of autofill, mix in HTTP, and bake on a Wi-Fi admin page: Quirky way to swipe a victim's router password

expreg

Re: Oh dear.

They can copy your network SSID and create an "Evil Twin." Then spam you with deauth frames, and then spam you with broadcast advertisements carrying that SSID. I've done it at home for shits and giggles (to my own devices, obviously).

Someone mentioned the Wi-Fi Pineapple which has all of this built in. It's easy to do without one.

Protected Management Frames (802.11w) can protect against the deauth spam, but I'm not sure many home telco routers use that.

But yeah, I turned off auto-fill ages ago.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021