AWDL up to iOS12.0.1 vulnerable!
It is sort of a curse. Every attempt to make one’s life easier with modern protocols for WLAN, Bluetooth and other mobile wireless solutions also brings up new problems. One of these affects all iOS devices running iOS12.0.1 or older.
But what exactly is AWDL? The acronym stands for Apple Wireless Direct Link, which allows nearby devices that support AWDL to interact with Apple devices without any hassle. Switch it on, do a search and the rest is “magically” done all by itself. But this technology does not only bring advantages.
The problem with this eased handshake is that rogue devices can also interact with Apple iDevices running iOS and, worst of all, force them to reboot by applying invalid execution commands that cause a buffer overflow or bad memory access. Whether macOS is also subject to this kind of compromise is not known yet, but possibly not, as it handles direct wireless connections in a different manner.
And if a reboot can be forced, so could the execution of other malicious code, causing much more damage such as compromising device security.
Now you could say, why Apple and not Google? Well, fun fact, even Google’s Android can be compromised in a similar way. The standard is called NAN (Neighbor Awareness Networking) and was brought to life by the Wi-Fi Alliance. Its functionality is the same as that of AWDL and thus allows the same game on Android.
Apple has already fixed that security issue with the release of iOS12.1 on October 30th; however, nothing is known about Android Pie (9.0) and whether it is subject to being compromised via NAN.
If you have any iOS-based device that can run iOS12.1, then you’re advised to update your iOS as soon as possible. Devices not capable of running iOS12.1 will definitely be subject to having their flawless operation disrupted if someone performs the hack on you. In this case the only remedy is turning off all wireless operation (BT, WLAN). You will still be able to run the iDevice in GSM, 3G, LTE mode and thus be able to use cell carrier networks.
The following video impressively demonstrates the vulnerability of iOS devices:
Although the components for this hack are easy to get (a Raspi-like board with integrated WiFi and a Linux OS with the needed software to perform this hack), be warned that interfering with private computer systems or intentionally disturbing their functionality is prohibited and prosecuted by law if the person whose network you’re compromising detects your attempts and your identity! You do so at your own risk! Neither the author nor this blog in general can be held liable for any legal consequences you might suffer by performing the hack in the video above by yourself!
Scientific publication
Authors: M. Stute, D. Kreitschmann, and M. Hollick
Publication: “One Billion Apples’ Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol,” In: The 24th Annual International Conference on Mobile Computing and Networking (MobiCom ’18), 2018.
Link to the publication: https://owlink.org
iOS 12.1 Release Notes: https://support.apple.com/kb/HT201222
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4368