Skip to main content

'Cupid' attack method exploits HeartBleed vulnerability

Cupid will strike again
Cupid will strike again

Just a few weeks after the HeartBleed bug that hit the headlines, a Portuguese security researcher, Luis Grangeia has come up with a new, simple attack method.

Released a week ago on GitHub, it uses a pair of patches for hostapd-2.1 and wpa_supplicant-2.1 that uses the HeartBleed bug found on wireless networks that use EAP Authentication methods based on TLS (specifically OpenSSL).

That includes three EAP TLS tunneled protocols, EAP-PEAP, EAP-TLS and EAP-TTLS, targeting both client and server ends.

Controversial disclosure

The revelations are likely to fuel the debate on whether such discoveries should be made public.

Replying to one commentator that condemned his approach, Grangeia said "My presentation and code is not an attack on any tools using OpenSSL, it's a call of attention to a vulnerability that was previously known about by attentive developers. I'm sorry some news sources (and developers) read it otherwise."

A full presentation about Cupid and how it could be used to compromise wireless networks can be found on Slideshare.

The worst however may still come; the CEO of Network security company iBoss raised the spectre of the Cupid threat spreading over GSM or CDMA.