Evil-twin framework: a Wi-Fi intrusion testing framework for pentesters

In today’s world there is no scarcity of Wi-Fi hotspots. Although users are always recommended to join protected networks to ensure they are secure, this is by far not their only concern. The convenience of easily connecting to a Wi-Fi hotspot has left security holes wide open for attackers to abuse. This stresses the concern about the lack of security on the client side of Wi-Fi capable technologies. The Wi-Fi communications security has been a concern since it was first deployed. On one hand protocols like WPA2 have greatly increased the security of the communications between clients and access points, but how can one know if the access point is legitimate in the first place? Nowadays, with the help of open-source software and the great amount of free information it is easily possible for a malicious actor to create a Wi-Fi network with the purpose of attracting Wi-Fi users and tricking them into connecting to a illegitimate Wi-Fi access point. The risk of this vulnerability becomes clear when studying client side behaviour in Wi-Fi communications where these actively seek out to access points in order to connect to them automatically. In many situations they do this even if there is no way of verifying the legitimacy of the access point they are connecting to. Attacks on the Wi-Fi client side have been known for over a decade but there still aren’t any effective ways to properly protect users from falling victims to these. Based on the presented issues there is a clear need in both, securing the Wi-Fi client side communications as well as raising awareness of the Wi-Fi technologies everyday users about the risks they are constantly facing when using them. The main contribution from this project will be a Wi-Fi vulnerability analysis and exploitation framework. The framework will focus on client-side vulnerabilities but also on extensibility for any type of Wi-Fi attack. The tool is intended to be used by auditors (penetration testers - pentesters) when performing intrusion tests on Wi-Fi networks. It also serves as a proof-of-concept tool meant to teach and raise awareness about the risks involved when using Wi-Fi technologies.Actualmente existem inúmeros pontos de acesso Wi-Fi. Apesar dos utilizadores serem sempre recomendados a utilizar redes protegidas, esta não é a única preocupação que devem ter. A conveniência de nos ligarmos facilmente a um ponto de acesso deixou grandes falhas de segurança em aberto para atacantes explorarem. Isto acentua a preocupação em relação à carência de segurança do lado cliente em tecnologias Wi-Fi. A segurança nas comunicações Wi-Fi foi uma preocupação desde os dias em que esta tecnologia foi primeiramente lançada. Por um lado, protocolos como o WPA2 aumentaram consideravelmente a segurança das comunicações Wi-Fi entre os pontos de acesso e os seus clientes, mas como saber, em primeiro lugar, se o ponto de acesso é legítimo? Hoje em dia, com a ajuda de software de código aberto e a imensa quantidade de informação gratuita, é fácil para um atacante criar uma rede Wi-Fi falsa com o objetivo de atrair clientes. O risco desta vulnerabilidade torna-se óbvio ao estudar o comportamento do lado do cliente Wi-Fi. O cliente procura activamente redes conhecidas de forma a ligar-se automaticamente a estas. Em muitos casos os clientes ligam-se sem interação do utilizador mesmo em situações em que a legitimidade do ponto de acesso não é verificável. Ataques ao lado cliente das tecnologias Wi-Fi já foram descobertos há mais de uma década, porém continuam a não existirem formas eficazes de proteger os clientes deste tipo de ataques. Com base nos problemas apresentados existe uma necessidade clara de proteger o lado cliente das comunicações Wi-Fi e ao mesmo tempo sensibilizar e educar os utilizadores de tecnologias Wi-Fi dos perigos que advêm da utilização destas tecnologias. A contribuição mais relevante deste projeto será a publicação de uma ferramenta para análise de vulnerabilidades e ataques em comunicações WiFi. A ferramenta irá focar-se em ataques ao cliente mas permitirá extensibilidade de funcionalidades de forma a possibilitar a implementação de qualquer tipo de ataques sobre Wi-Fi. A ferramenta deverá ser utilizada por auditores de segurança durante testes de intrusão Wi-Fi. Tem também como objetivo ser uma ferramenta educacional e de prova de conceitos de forma a sensibilizar os utilizadores das tecnologias Wi-Fi em relação aos riscos e falhas de segurança destas

Metabolically healthy, but obese subjects. First part: definition, pathophysiology and prevalence

peer reviewedAround 30 to 50% of obese subjects are “metabolically normal” (MHO) whereas numerous nonobese subjects are “metabolically abnormal”. The distribution and function of adipose deposits seem to play a crucial role in explaining this apparent paradox. The aim of this first article is to describe the clinical and biological characteristics that lead to the diagnosis of MHO, attempt to discover the etiopathogenesis of this syndrome and analyze the underlying pathophysiological mechanisms and, finally, to assess the prevalence of the MHO phenotype, which may vary according to the definition used and the population studied.Environ 30 à 50 % des sujets obèses sont « métaboliquement normaux » (MHO metabolically healthy, but obese) alors qu’inversement, nombre de sujets non obèses sont « métaboliquement anormaux ». La topographie et la fonction des dépôts graisseux semblent jouer un rôle déterminant pour expliquer cet apparent paradoxe. Ce premier article vise à présenter les éléments conduisant au diagnostic du phénotype MHO, à tenter d’en cerner l’étiopathogénie et de mieux comprendre sa physiopathologie et, enfin, à analyser la prévalence de ce syndrome, quelque peu différente en fonction de la définition retenue et de la population étudiée

Fitness versus fatness: Respective cardiometabolic impacts in children/adolescents and in elderly people

peer reviewedLe sujet adulte d’âge moyen en surpoids ou obèse est caractérisé par une adiposité exagérée, généralement combinée à une aptitude physique cardio-respiratoire déficiente. La pratique régulière d’une activité physique d’endurance améliore le profil de risque cardio-métabolique dans cette tranche d’âge. Le manque d’activité physique chez les adolescents contribue à augmenter leur masse grasse et à induire des anomalies métaboliques, tandis que la sédentarité marquée des sujets âgés peut conduire à un excès de graisse combiné à une fonte musculaire (obésité sarcopénique). Dans ces deux tranches d’âge, les effets néfastes d’un excès de masse grasse (fatness) pourraient être contrecarrés, voire annulés, par la pratique régulière d’exercices musculaires conduisant à une meilleure aptitude physique (fitness). Cet article décrit les relations entre fitness et fatness, et les impacts cardio-métaboliques respectifs de ces deux composantes, d’une part, dans la population jeune ( 60 ans)

A distinct four-value blood signature of pyrexia under combination therapy of malignant melanoma with dabrafenib and trametinib evidenced by an algorithm-defined pyrexia score

Pyrexia is a frequent adverse event of BRAF/MEK-inhibitor combination therapy in patients with metastasized malignant melanoma (MM). The study’s objective was to identify laboratory changes which might correlate with the appearance of pyrexia. Initially, data of 38 MM patients treated with dabrafenib plus trametinib, of which 14 patients developed pyrexia, were analysed retrospectively. Graphical visualization of time series of laboratory values suggested that a rise in C-reactive-protein, in parallel with a fall of leukocytes and thrombocytes, were indicative of pyrexia. Additionally, statistical analysis showed a significant correlation between lactate dehydrogenase (LDH) and pyrexia. An algorithm based on these observations was designed using a deductive and heuristic approach in order to calculate a pyrexia score (PS) for each laboratory assessment in treated patients. A second independent data set of 28 MM patients, 8 with pyrexia, was used for the validation of the algorithm. PS based on the four parameters CRP, LDH, leukocyte and thrombocyte numbers, were statistically significantly higher in pyrexia patients, differentiated between groups (F = 20.8; p = <0.0001) and showed a significant predictive value for the diagnosis of pyrexia (F = 6.24; p = 0.013). We provide first evidence that pyrexia in patients treated with BRAF/MEK-blockade can be identified by an algorithm that calculates a score

Don't neglect metabolic syndrome.

editorial reviewedThe concept of «metabolic syndrome» was brought to the forefront in the early 2000s in international literature, but this interest seems to have faded somewhat in recent years. However, this constellation of cardiovascular risk factors should not be neglected. Taken individually, they hardly seem problematic, but when they are present within the same individual, they significantly increase the risk of cardiovascular morbidity and mortality. This clinical vignette aims to draw attention to the usefulness of the search for metabolic syndrome in clinical practic.Le concept de «syndrome métabolique» a été mis en avant de la scène au début des années 2000 dans la littérature internationale, mais cet intérêt semble s’être quelque peu estompé au cours des dernières années. Il convient cependant de ne pas négliger cette constellation de facteurs de risque cardiovasculaire qui, pris individuellement, ne paraissent guère problématiques, mais qui, lorsqu’ils co-existent chez une même personne, augmentent sensiblement le risque de morbi-mortalité. Cette vignette clinique a pour but d’attirer l’attention sur l’importance de la recherche d’un syndrome métabolique dans la pratique clinique

Optical properties of In2O3 from experiment and first-principles theory: influence of lattice screening

The framework of many-body perturbation theory led to deep insight into electronic structure and optical properties of diverse systems and, in particular, many semiconductors. It relies on an accurate approximation of the screened Coulomb electron–electron interaction W, that in current implementations is usually achieved by describing electronic interband transitions. However, our results for several oxide semiconductors indicate that for polar materials it is necessary to also account for lattice contributions to dielectric screening. To clarify this question in this work, we combine highly accurate experimentation and cutting-edge theoretical spectroscopy to elucidate the interplay of quasiparticle and excitonic effects for cubic bixbyite In2O3 across an unprecedentedly large photon energy range. We then show that the agreement between experiment and theory is excellent and, thus, validate that the physics of quasiparticle and excitonic effects is described accurately by these first-principles techniques, except for the immediate vicinity of the absorption onset. Finally, our combination of experimental and computational data clearly establishes the need for including a lattice contribution to dielectric screening in the screened electron–electron interaction, in order to improve the description of excitonic effects near the absorption edge

Congenital syndactyly in cattle: four novel mutations in the low density lipoprotein receptor-related protein 4 gene (LRP4)

BACKGROUND: Isolated syndactyly in cattle, also known as mulefoot, is inherited as an autosomal recessive trait with variable penetrance in different cattle breeds. Recently, two independent mutations in the bovine LRP4 gene have been reported as the primary cause of syndactyly in the Holstein and Angus cattle breeds. RESULTS: We confirmed the previously described LRP4 exon 33 two nucleotide substitution in most of the affected Holstein calves and revealed additional evidence for allelic heterogeneity by the identification of four new LRP4 non-synonymous point mutations co-segregating in Holstein, German Simmental and Simmental-Charolais families. CONCLUSION: We confirmed a significant role of LRP4 mutations in the pathogenesis of congenital syndactyly in cattle. The newly detected missense mutations in the LRP4 gene represent independent mutations affecting different conserved protein domains. However, the four newly described LRP4 mutations do still not explain all analyzed cases of syndactyly

The Higgs as a Portal to Plasmon-like Unparticle Excitations

12 LaTeX pages, 2 figures.-- Published in: JHEP04(2008)028.-- Final full-text version available at: http://dx.doi.org/10.1088/1126-6708/2008/04/028.A renormalizable coupling between the Higgs and a scalar unparticle operator O_U of non-integer dimension d_U<2 triggers, after electroweak symmetry breaking, an infrared divergent vacuum expectation value for O_U. Such IR divergence should be tamed before any phenomenological implications of the Higgs-unparticle interplay can be drawn. In this paper we present a novel mechanism to cure that IR divergence through (scale-invariant) unparticle self-interactions, which has properties qualitatively different from the mechanism considered previously. Besides finding a mass gap in the unparticle continuum we also find an unparticle pole reminiscent of a plasmon resonance. Such unparticle features could be explored experimentally through their mixing with the Higgs boson.Work supported in part by the European Commission under the European Union through the Marie Curie Research and Training Networks “Quest for Unification” (MRTN-CT- 2004-503369) and “UniverseNet” (MRTN-CT-2006-035863); by the Spanish Consolider- Ingenio 2010 Programme CPAN (CSD2007-0042); by a Comunidad de Madrid project (P-ESP-00346) and by CICYT, Spain, under contracts FPA 2007-60252 and FPA 2005-02211

Career service papers - csp 18/21

Inhaltsübersicht: Christine Buchwald: Vorstellung eines Modells zur Förderung der Transferkompetenz durch ein studentisches Praktikum, inkl. Nutzungsmöglichkeiten für Career Services Irina Gewinner & Mara Esser: Geschlechtsspezifische Studienfachwahl und kulturell bedingte (geschlechts)stereotypische Einstellungen Friederike Schulze-Reichelt, Wilfried Schubarth: Was nützt mir das Studium? Zur Bedeutung des Berufsfeldbezuges für den Studienerfolg. Befunde und Empfehlungen des StuFo-Projekts Miriam Schmitt, Johanna M. Werz, Esther Borowski, Uwe Wilkesmann, Ingrid Isenhardt: Ein Online-Tool für die Karriereplanung von Frauen in MINT-Berufen: Herausforderungen und Chancen Sigrid Maxl-Studler, André Romano: Mobile Recruiting. Nutzung, Akzeptanz und Herausforderungen mobiler Bewerbungen aus Sicht der Generationen Y und Z Jing Su, Vera Yu, Nelli Wagner: Ein chinesisches „Ja“ ist nicht gleich einem deutschen „Ja“. Herausforderungen in der Unterstützung von chinesischen Studierende