Expert releases Cisco wireless hacking tool

One day after it disclosed a security vulnerability in a wireless networking product, Cisco Systems must contend with a new threat - the long-promised release of a hacking tool that targets wireless networks running its LEAP wireless authentication protocol. The tool, called "Asleap," allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on Wednesday.

Cisco did not immediately respond to requests for comment.

The tool was designed to compromise WLANs using LEAP using so-called "dictionary attacks" to exploit weakly protected passwords, according to the message, which purports to be from Joshua Wright, a network engineer at Johnson & Wales University in Providence, Rhode Island. Wright made headlines in August after he publicized the password vulnerability in LEAP.

Read Full Story