Chcon2025

Bypassing Wireless Client Isolation
2025-10-31, Main Hall

Let's break down the barriers between wireless clients and demonstrate bypassing client isolation on encrypted wireless networks. Client isolation is relied upon to prevent malicious clients from attacking others on the same network. Connected your vulnerable corporate laptop to the guest wifi? No worries - client isolation is turned on! But what if we can just ignore the AP and talk to another client directly? This talk will present research conducted to develop working tooling to bypass client isolation on both open and WPA2-encrypted wireless networks.


In an infrastructure mode wireless network, it's generally accepted that we can rely on the access point to block client-to-client communication to prevent various network attacks. But what if we take the access point out of the picture and just... communicate directly with the other clients? It's just radio frequencies after all, and we have monitor mode wireless adapters to sniff and inject packets.

Client isolation is common on guest, BYOD and public networks. With this tooling, an attacker could target other wireless clients that would otherwise be protected.

ZANTE is a Senior Security Consultant at Pulse Security, and occasional drum & bass DJ.