Results 1 to 3 of 3

Thread: WPA2 KRACK Attack

  1. #1
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    35,690
    Activity Longevity
    11/20 19/20
    Today Posts
    1/5 ssss35690

    WPA2 KRACK Attack

    We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

    The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.
    https://www.krackattacks.com/

    You can't get the WPA PSK with this (not directly, at least), but you can capture and decrypt all traffic as well as running MITM attacks on it, without the password. More details on the site.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

  2. #2

    Join Date
    11.07.17
    Posts
    4
    Activity Longevity
    0/20 4/20
    Today Posts
    0/5 ssssssss4
    Attack surface is pretty limited, as most connections now are done over HTTPS anyways.
    All the IoT devices with un-upgradable firmwares and HTTP web UIs are screwed though.
    Reply With QuoteReply With Quote
    Thanks

  3. #3
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    35,690
    Activity Longevity
    11/20 19/20
    Today Posts
    1/5 ssss35690
    Quote Originally Posted by kokoro View Post
    Attack surface is pretty limited, as most connections now are done over HTTPS anyways.
    SSL stripping can be used to downgrade a TLS connection to an insecure one under certain circumstances.

    All the IoT devices with un-upgradable firmwares and HTTP web UIs are screwed though.
    Definitely, and the average Joe won't update his router's firmware (if it's his at all and not a locked down ISP router running 2003-era Linux), making this even worse.
    "Come visit sometime, okay? We'll always be here for you. We... we all love you."
    Reply With QuoteReply With Quote
    Thanks

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •