
Patch for hostapd and wpa_supplicant to attempt to exploit heartbleed on EAP-PEAP/TLS/TTLS connections

                             (
                     .-'''-..' \ 
           _______ .'       -   \
         <<<<<<<< );__   ,,,_)   \ 
            <<<<<<<<< ) ;C  /     \ 
              <<<<<< (.-'-.  )====_)_=======> wpa_supplicant-cupid 
                <<<<< \    '''''''   )           && hostapd-cupid
                ;  <<<     .......__/
           .-'''         (         )
        .-'              ;.       /
       /  .-'     .     =  .     /
   _-''\_/         '. .'    .   /
.-'  )  ;\          '''.     . /

; .'''' . ' ; ( O -' .''' .' .' .-''''' 'o-'

Cupid 0.1

Author: Luis Grangeia

[email protected]

twitter.com/lgrangeia

INTRODUCTION

Cupid is a pair of patches for hostapd-2.1 and wpa_supplicant-2.1 to exploit heartbleed on wireless networks that use EAP authentication methods based on TLS (specifically, TLS as implemented by OpenSSL).

Please see presentation slides for a simple introduction to cupid:

http://www.slideshare.net/lgrangeia

COMPILATION

Get wpa_supplicant-2.1 and/or hostapd-2.1, apply the respective patch and compile. I don't recommend doing a "make install", as you'll be replacing your system's binaries with non-functional copies (functional only for exploiting heartbleed).

USAGE

Both patches come with a "heartbleed.conf" file that can be used to tweak behaviour. It must be present in the same directory you're running the binary from. Refer to the file for details.

--> wpa_supplicant:

Use the included test_wpasupplicant.conf and change the ssid to that of the network you want to test for heartbleed.

Fire up wireshark or tcpdump on the interface to check for TLS heartbeat requests/responses. I usually do:

airmon-ng start wlan0

and then monitor the whole thing on the mon0 interface (use filter 'EAP || SSL' for a better picture).

Fire up wpa_supplicant:

./wpa_supplicant -i wlan0 -dd -c ~/testconfs/test_wpasupplicant.conf

Look at the output of wireshark to see if the network you're attacking is vulnerable.

--> hostapd

Use the included test_hostapd.conf. You may have to set up certificates and an empty eap_user file. I've included these for reference as well.

Fire up wireshark as described above.

Note that you need a wireless adapter supporting host AP mode.

Fire up hostapd:

./hostapd -d test_hostapd.conf

Then try to connect to the "bleedingheart" network with your mobile device or laptop, and hostapd will try to heartbleed it. You can use any login/password combination.

To check that the patch works, install a vulnerable OpenSSL version and try to exploit your local copy of wpa_supplicant or a fresh install of hostapd.
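Whichever side you run (the wpa_supplicant procedure against an AP, or the hostapd procedure against connecting clients), the verdict comes from the capture: a heartbeat request whose declared payload length is larger than the data it actually carries, followed by a heartbeat response that echoes back at least that many bytes. The script below is an added example, not part of cupid, that applies exactly that RFC 6520 length rule to raw TLS records so the check does not have to be done by eye in wireshark. It assumes you have already exported the plaintext TLS layer of the EAP-TLS exchange (for instance from wireshark) into a byte string; the sample records at the bottom are constructed for illustration, not captured traffic. Only pre-handshake heartbeats are readable this way, since later ones are encrypted.

```python
"""Added example (not part of cupid): flag Heartbleed-style heartbeat records in
captured TLS bytes.

Assumption: `data` holds plaintext TLS records already reassembled out of the
EAP-TLS fragments (RFC 5216), e.g. exported from Wireshark. Heartbeats sent
after the handshake completes are encrypted and cannot be inspected this way."""
import struct

TLS_HEARTBEAT = 24          # TLS content type for heartbeat (RFC 6520)
HB_REQUEST, HB_RESPONSE = 1, 2
HB_MIN_PADDING = 16         # RFC 6520: at least 16 bytes of padding must follow the payload


def parse_tls_records(data: bytes):
    """Split raw bytes into (content_type, version, body) tuples; raise on truncation."""
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 5:
            raise ValueError("truncated TLS record header at offset %d" % off)
        ctype, version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) != length:
            raise ValueError("truncated TLS record body at offset %d" % off)
        records.append((ctype, version, body))
        off += 5 + length
    return records


def inspect_heartbeat(body: bytes) -> dict:
    """Apply the RFC 6520 length rule to one heartbeat body: type(1) | payload_length(2) | payload | padding."""
    if len(body) < 3:
        return {"malformed": True}
    hb_type = body[0]
    declared = struct.unpack("!H", body[1:3])[0]
    present = len(body) - 3                      # payload + padding bytes actually on the wire
    # A conforming peer must silently discard the record when this holds;
    # an unpatched OpenSSL instead echoes `declared` bytes of its own memory.
    overlong = declared + HB_MIN_PADDING > present
    return {"malformed": False, "type": hb_type,
            "declared": declared, "present": present, "overlong": overlong}


def scan_capture(data: bytes) -> list:
    """Return (alert_name, byte_count) tuples for the suspicious heartbeat traffic in `data`."""
    alerts, pending = [], None                   # pending: declared length of the last overlong request
    for ctype, _version, body in parse_tls_records(data):
        if ctype != TLS_HEARTBEAT:
            continue                             # handshake, alert, application data: skipped here
        info = inspect_heartbeat(body)
        if info["malformed"]:
            alerts.append(("malformed_heartbeat", len(body)))
        elif info["type"] == HB_REQUEST and info["overlong"]:
            alerts.append(("overlong_heartbeat_request", info["declared"]))
            pending = info["declared"]
        elif info["type"] == HB_RESPONSE and pending is not None:
            # A response carrying at least the requested amount means the peer leaked memory.
            if info["present"] >= pending:
                alerts.append(("peer_leaked_memory", info["present"]))
            else:
                alerts.append(("peer_truncated_response", info["present"]))
            pending = None
    return alerts


def tls_record(ctype: int, body: bytes, version: bytes = b"\x03\x01") -> bytes:
    """Wrap `body` in a TLS record header (used only to build the constructed samples)."""
    return bytes([ctype]) + version + struct.pack("!H", len(body)) + body


# Constructed sample records (not captured traffic): a normal 4-byte "ping" heartbeat
# exchange, a request declaring 4096 bytes while carrying none, and the kind of
# response an unpatched peer would send back to it.
BENIGN_REQUEST = tls_record(TLS_HEARTBEAT, b"\x01" + struct.pack("!H", 4) + b"ping" + b"\x00" * 16)
BENIGN_RESPONSE = tls_record(TLS_HEARTBEAT, b"\x02" + struct.pack("!H", 4) + b"ping" + b"\x00" * 16)
OVERLONG_REQUEST = tls_record(TLS_HEARTBEAT, b"\x01" + struct.pack("!H", 4096))
LEAKED_RESPONSE = tls_record(TLS_HEARTBEAT, b"\x02" + struct.pack("!H", 4096) + b"\x41" * 4096 + b"\x00" * 16)
HANDSHAKE_STUB = tls_record(22, b"\x01\x00\x00\x00")   # dummy handshake record the scanner should skip

if __name__ == "__main__":
    print("benign exchange :", scan_capture(HANDSHAKE_STUB + BENIGN_REQUEST + BENIGN_RESPONSE))
    print("patched peer    :", scan_capture(HANDSHAKE_STUB + OVERLONG_REQUEST))
    print("vulnerable peer :", scan_capture(HANDSHAKE_STUB + OVERLONG_REQUEST + LEAKED_RESPONSE))
```

An overlong request with no response at all is what a patched peer produces (it discards the record silently), so "overlong_heartbeat_request" on its own means the test ran but the target did not bleed; "peer_leaked_memory" is the finding to record, together with the device version, as asked for under FUTURE WORK.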

FUTURE WORK

Please let me know if you find vulnerable devices and give me their version and if possible a packet dump of the actual attack.

TODO:
- Code is still very incomplete, just a PoC
- Does not decrypt the heartbeat response if encrypted (not the case if pre-handshake)
- Should output the heartbeat responses to a file
- Test more devices/networks!