News

Snappy Tool Helps You Detect Rogue Wi-Fi Hotspots

Security Parrot Editorial Team

How to Spot Fake Wi-Fi Access Points with Trustwave’s Snappy Tool

Security experts have been warning about the dangers of using Wi-Fi hotspots in public places for years. Unsuspecting users may connect to a malicious device, allowing attackers to carry out a man-in-the-middle attack, intercepting the victim’s traffic, credentials from their accounts, and payment information. To make it easier to avoid such situations, Trustwave expert Tom Neaves has created a Python script called Snappy that helps determine whether the access point the user is connecting to is the same as always, or the user is dealing with a fake device of hackers.

How Snappy Works

Neaves analyzed the Beacon Management Frames and found certain static elements, including data about the provider, BSSID, supported speeds, channel, country, maximum transmit power, and so on. This data varies for different 802.11 wireless access points, but remains the same for a particular access point over time.
Neaves concluded that it was possible to concatenate these elements and hash them using SHA256, creating a unique access point signature that could then be used to detect matches or mismatches. Matches mean that the access point is the same as always (that is, trustworthy), while a signature mismatch means that something has changed and the access point may be malicious.
In addition, Snappy is able to detect hotspots created with Airbase-ng. This tool is often used by attackers to create fake access points, intercept packets of connected users, and inject data into other people’s network traffic.

How to Use Snappy

Using Snappy is easy. All you need to do is download the script from the Trustwave website and run it on your device. The script will then scan the surrounding Wi-Fi networks and compare the signatures of the access points to the ones stored in the database. If the signature of the access point doesn’t match the one stored in the database, Snappy will alert the user that the access point may be malicious.
Snappy is a powerful tool that can help users protect themselves from malicious Wi-Fi access points. It is easy to use and can be downloaded for free from the Trustwave website. With Snappy, users can be sure that they are connecting to a legitimate access point and not a malicious device.

Weekly Updates For Our Loyal Readers!

Share this Article
Lost your password?