I started work on a simple script to have some fun with accidental wireless
association back in April. Unfortunately, I got bored and never finished it.
I just ran across it and decided to post it in case anyone wants to play with
what I've started. If someone does decide to use any of this code, or simply the
idea, please give me some credit (or at least a beer at the next DefCon).
Basically, I've noticed (probably along with the majority of the WiFi world)
that M$ Windows clients like to probe. It also seems that a lot of lame users
of these M$ systems have WEP-free WiFi "Linksys" networks at their home. I've
found that when these lame users take their laptops outside of their home,
they may be opening themselves or any network they plug into up to attack.
Since M$ Windows is so promiscuous and will attach to anything that remotely
resembles it's home network, it may be tricked into attaching to a malicious
AP. This AP could then potentially gain unauthorized access to the unsuspecting
client and possibly even to a network attached to other interfaces of this
The below KizAP script was the start of an attempt to automate this.