Post

Replies

Boosts

Views

Activity

Send wrong DHCP discover frame from iPhone about private mac address when change wifi connection
The issue i am facing is that iOS sends the wrong MAC address in the DHCP Discover packet. It sends the private MAC from the previous WiFi connection to the new WiFi connection. Thereby leaking the previous private MAC address to the new WiFi network! The router correctly responds with a DHCP Offer with the same (wrong) MAC address in it. iOS ignores this, since it is not the correct MAC for this WiFi network. After around 130s iOS starts sending the correct MAC address in the DHCP Discover packet and then immediately the WiFi connection succeeds.This causes a very long delay for the end-user to connect to a WiFi network which is not acceptable.It is also a security issue since it exposes the private MAC to the wrong WiFi networkI provided logging and tcp-dumps but unfortunately it was just closed by Apple without further explanation. DHCP DISCOVER Frame send from iOS - https://developer.apple.com/forums/content/attachment/1b364e71-3d43-4b79-947d-8a1f0d04c541 "fe:49:cd:a5:94:bd" is the right mac address (private mac address) of the current connection (the new one) but "Client MAC address: da:42:c4:5a:60:d1" is the wrong mac address (private mac address) of the previous connection
0
0
838
May ’21