TunnelCrack: Leaking VPN Traffic by Manipulating Routing Tables

We will present two new attacks to leak traffic sent by a VPN client. A rogue Wi-Fi network can abuse these vulnerabilities to make the victim leak IP packets, in plaintext, outside the VPN tunnel. The adversary accomplishes this by manipulating the victim’s routing table. Our attacks are independent of the VPN protocol being used, meaning they apply to IPsec, OpenVPN, WireGuard, etc.... By: Mathy Vanhoef Full Abstract and Presentation Materials: #tunnelcrack-leaking-vpn-traffic-by-manipulating-routing-tables-35013