[Novalug] broadcom exploit + ndiswrapper

Ben Creitz creitz@gmail.com
Thu Nov 23 22:06:01 EST 2006


Many of you probably heard about the exploit recently revealed for
Broadcom-based wifi adaptors

  http://blogs.zdnet.com/Ou/?p=365

Basically, some schmoe running metasploit might be able to drive by
your place and get root access to your system just because your wifi
NIC is on.  This could supposedly affect users of ndiswrapper.
Depending on the vendor of your system, an update for the Windows
driver may be available through Windows Update in the
"optional/hardware" section.  I got the updated windows driver using
this method.  The new driver file will load in ndiswrapper, and it is
listed as OK ("driver present / hardware present").  The only problem
is that it doesn't work!  nidswrapper fails on boot.  I had to roll
back to the old driver.

I will post the error in dmesg when I get a chance, and I will also
post progress I make (if any) in getting the more secure driver
running under ndiswrapper.

I would prefer not to use ndiswrapper, of course, but the native
driver doesn't do WPA last time I checked.

-Ben



More information about the Novalug mailing list