Benjamin Lim

Benjamin Lim

Android is an open source mobile operating system that is developed mainly by Google. It is used on a significant portion of mobile devices worldwide. In this paper, I will be looking at an attack commonly known as tapjacking. I will be taking the attack apart and walking through each individual step required to implement the attack. I will then explore the various payload options available to an attacker. Lastly, I will touch on the feasibility of the attack as well as mitigation strategies.

Benjamin Lim

Wireless networking has become very popular in recent years due to the increase in adoption of mobile devices. As more and more employees demand for Wi-Fi access for their devices, more companies have been jumping onto the "Bring Your Own Device" (BYOD) bandwagon[1] to appease their employees. One such example of an enterprise wireless infrastructure is the George Washington University's GWireless. For this project, I will attempt to capture hashes of authentication credentials from users who are connecting to the GWireless network using what is commonly known as the "evil twin" attack. I will document the hardware, software used and steps taken to configure the devices. I will then evaluate the feasibility of such an attack, explore variations of the attack and document measures that can be taken to prevent such an attack.