Attack on WPA(2) Season 2 - More WPA/WPA2 flaws discovered

rcmaehl

Alternative Title: What about the Crack attack on the WiFis?

Sources:
ITNews AU

Security Boulevard

Bleeping Computer

TL;DR:
Wireless networks using multiple APs make it easier to access the hashed password of the network. Passwords shorter than 10 characters can be cracked within a week. How often do you change your WiFi password?

 


 

Quotes/Excerpts:

Quote

A new technique has been discovered to easily retrieve the Pairwise Master Key Identifier (PMKID) from a router... which can then be used to crack the wireless password. Previous [WPA2] cracking methods required an attacker to wait for a user to login... this method will work against almost all routers... with roaming enabled. [It] makes it much easier to access a hash that contains the pre-shared key; that hash still needs to be cracked. PSK of length 10 takes 8 days to crack (on a 4 GPU box).

Quote

The most significant difference between older attacks and the newly discovered method is that an attacker no longer needs another user... to capture credentials. Earlier WPA/WPA2 attacks were more challenging to carry out because... the attacker had to record the WPA four-way handshake. This type of attack can create a lot of trouble from a technical perspective.

Quote

Researchers have accidentally discovered a new attack... that makes it easier for outsiders to capture access credentials. The biggest difference... is that an attacker no longer needs another user... simply starting the authentication process will do. Earlier WPA/WPA2 cracking attacks were difficult to pull off. The success of the proposed attack depends on the length and complexity of the PSK. WPA3 authentication will make it much harder to enable an attack... because of its modern... key establishment protocol.

 

My Thoughts:

Honestly, this shouldn't be a big issue for home users unless they're setting up multiple routers, just businesses, which are big, profitable targets.

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor
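
Added example, not part of the original post or the quoted articles: the quotes say the PMKID is a hash that "contains the pre-shared key" and that resistance depends on PSK length and complexity. The sketch below uses the standard IEEE 802.11 WPA2-PSK derivations (not stated in the thread) to show that the passphrase is the only secret input, and generates a long random passphrase; the function names, SSID and MAC addresses are constructed for illustration.

```python
import hashlib
import hmac
import math
import secrets
import string

# Formulas below are the standard WPA2-PSK derivations (IEEE 802.11), not text
# from the thread. All function names and sample values are constructed.

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def derive_pmkid(pmk: bytes, ap_mac: bytes, client_mac: bytes) -> bytes:
    """PMKID = first 16 bytes of HMAC-SHA1(PMK, "PMK Name" || AP MAC || client MAC)."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + client_mac, hashlib.sha1).digest()[:16]

ALPHABET = string.ascii_letters + string.digits  # 62 symbols

def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)

def random_passphrase(length: int = 20) -> str:
    """Generate a WPA2 passphrase (8 to 63 characters) from a CSPRNG."""
    if not 8 <= length <= 63:
        raise ValueError("WPA2 passphrases must be 8 to 63 characters long")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

if __name__ == "__main__":
    ssid = "ExampleNet"                         # constructed; broadcast in beacons
    ap_mac = bytes.fromhex("020000000001")      # constructed; visible on the air
    client_mac = bytes.fromhex("020000000002")  # constructed; visible on the air
    psk = random_passphrase(20)
    pmkid = derive_pmkid(derive_pmk(psk, ssid), ap_mac, client_mac)
    print("PMKID:", pmkid.hex())
    print("10 random chars: %.1f bits" % entropy_bits(10))
    print("20 random chars: %.1f bits" % entropy_bits(20))
```

The SSID and both MAC addresses are public, so the identifier is only as strong as the passphrase; each extra random character from this alphabet adds about 5.95 bits.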


 


Why did you strikethrough everything?

Want to know which mobo to get?

Spoiler

Choose whatever you need. Any more, you're wasting your money. Any less, and you don't get the features you need.

 

Only you know what you need to do with your computer, so nobody's really qualified to answer this question except for you.

 

chEcK iNsidE sPoilEr fOr a tREat!


Just now, NoRomanBatmansAllowed said:

Why did you strikethrough everything?

Fixed. Not sure what happened


Meh.

Doesn't make the cracking easier. Just makes it so that an attacker can do it given a captured EAPOL frame instead of a handshake.


Hmm ... Maybe I can use this so I can finally access my job's wifi that nobody uses! (I don't think even my boss uses it)


Doesn't Kali already have the ability to send a deauth packet to force a 4 way handshake?

 

This shouldn't be much to worry about, if you have multiple APs for your network need not be as close and if you are in a city the density is so high an attacker is unlikely to need to move far.

22 hours ago, rcmaehl said:

Fixed. Not sure what happened

Blame it on the broken wifi ;)

 
