what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

GoGo Inflight Internet Interception

GoGo Inflight Internet Interception
Posted May 7, 2009
Authored by Adriel T. Desautels | Site netragard.com

Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point.

tags | advisory
SHA-256 | e15a68a398d9fbb9df850bb9e64eb1d67cbb71a7114d0a7fa4d220d64af99af9

GoGo Inflight Internet Interception

Change Mirror Download
********************** Netragard,  L.L.C  Advisory*  
**********************
Penetration Testing - Vulnerability Assessments - Web Application
Security

SNOsoft Research Team
------------------------------------------------------------------------------------------------------
http://www.netragard.com -- "The Specialist in Anti-Hacking"

[POSTING NOTICE]
------------------------------------------------------------------------------------------------------
If you intend to post this advisory on your web page please create a
clickable link back to the original Netragard advisory as the contents
of the advisory may be updated. The advisory can be found on the
Netragard website at http://www.netragard.com/

For more information about Netragard visit http://www.netragard.com

[Advisory Information]
------------------------------------------------------------------------------------------------------
Contact : Adriel T. Desautels
Advisory ID : NETRAGARD-20090427
Product Name : GoGo Inflight Internet
Product Version : Unknown
Vendor Name : Aircell LLC.
Type of Vulnerability : No link layer security option
Impact : Varies
Vendor Notified : 20090427

[Product Description]
------------------------------------------------------------------------------------------------------
"As a service of Aircell LLC, Gogo provides all passengers access to the
Internet, email, text messaging and corporate VPNs from the comfort of
their seats while airborne. Aircell has been authorized by the FAA and
FCC to use cellular frequencies for inflight broadband communications,
leading a Wi-Fi revolution 35,000 feet above the ground. Think of it as
a mobile hotspot, equipped with twin turbines and 50,000 lbs of thrust.

Partnering with a variety of carriers, Gogo provides coast-to-coast,
border-to-border connectivity for all passengers. Launching with
American
Airlines in 2008, Gogo will continue to expand, giving everyone the
ability to stay in touch, in flight®."

Taken From:
http://www.gogoinflight.com/jahia/Jahia/site/gogo/companyInfo

[Technical Summary]
------------------------------------------------------------------------------------------------------
The GoGo Inflight Internet service does not encrypt wireless connections
between GoGo Inflight Internet users ("Users") and the GoGo Inflight
Internet Wireless Access Points ("WAP"). As a result any Users
connection
can be intercepted by another user and the data that they transmit can
be
stolen or their respective connections can be hijacked.

[Impact]
------------------------------------------------------------------------------------------------------
[Impact varies from installation to installation]

- Theft of customer data
- Access to business networks
- Infection of Users computer systems
- Theft of personal information
- Theft of Social Security Numbers
- Theft of Credit Card numbers
- Manipulation of in-transit data
- etc.

[Proof Of Concept]
------------------------------------------------------------------------------------------------------
Connect to GoGo Inflight Internet on your next flight and you will see
that
the connection between your device and the WAP is not encrypted.
Connecting
does not require paying for the service, it only requires establishing a
connection to the WAP.

Important Notes:
------------------------------------------------------------------------------------------------------
Because this vulnerability exists at the link layer it is possible for
an
attacker to defeat or subvert a users SSL based connection. This
subversion
would enable the attacker to capture credit card information or any
other
information submitted over the web.

It may also be possible to subvert, defeat or hijack VPN connections as
the attacker can interfere with the entire connection process.

[Vendor Status and Chronology]
------------------------------------------------------------------------------------------------------

Current Vendor Status: Unable to establish communications with vendor.

Chronology:
09/04/2009 07:11:57 PM EST - Vulnerability Discovered
09/27/2009 14:15:53 PM EST - Vendor Notified
04/28/2009 09:18:17 AM EST - Requested vendor feedback via email
04/28/2009 09:19:17 AM EST - Email Read Receipt Received
04/30/2009 11:40:25 AM EST - No response from vendor
04/30/2009 11:41:25 AM EST - Requested vendor feedback via email
04/30/2009 11:46:58 AM EST - Email Read Receipt Received
05/04/2009 09:00:00 AM EST - Began advisory release process
No vendor response.


[Solution]
------------------------------------------------------------------------------------------------------
Implement WPA2 at the link layer.

[Disclaimer]
--------------------------------http://
www.netragard.com---------------------------------
Netragard, L.L.C. assumes no liability for the use of the information
provided in this advisory. This advisory was released in an effort to
help the I.T. community protect themselves against a potentially
dangerous security hole. This advisory is not an attempt to solicit
business.

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close