all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TunnelCrack: Leaking VPN Traffic by Manipulating Routing Tables

Add to bookmarks
March 18, 2024, 5:52 p.m. | Black Hat

Black Hat www.youtube.com

We will present two new attacks to leak traffic sent by a VPN client. A rogue Wi-Fi network can abuse these vulnerabilities to make the victim leak IP packets, in plaintext, outside the VPN tunnel. The adversary accomplishes this by manipulating the victim's routing table. Our attacks are independent of the VPN protocol being used, meaning they apply to IPsec, OpenVPN, WireGuard, etc....

By: Mathy Vanhoef

Full Abstract and Presentation Materials:
https://www.blackhat.com/eu-23/briefings/schedule/#tunnelcrack-leaking-vpn-traffic-by-manipulating-routing-tables-35013

abuse adversary attacks can client leak network packets plaintext rogue routing tables traffic tunnel tunnelcrack victim vpn vulnerabilities wi-fi

Visit resource

More from www.youtube.com / Black Hat

Black Hat Asia 2024 Highlights 3 days, 9 hours ago | www.youtube.com
asia black hat black hat asia black hat asia 2024
Startup Spotlight Competition at Black Hat 2 weeks, 5 days ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 1 month, 1 week ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 1 month, 1 week ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 1 month, 1 week ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 1 month, 1 week ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 1 month, 1 week ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 1 month, 1 week ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 1 month, 1 week ago | www.youtube.com
analysis ask bad codeql +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com