Casa > cibernético Notícias > New Attack on WPA/WPA2 Discovered, A maioria dos roteadores modernos em Risco

Novo ataque em WPA / WPA2 Descoberto, A maioria dos roteadores modernos em Risco

A new attack on Wi-Fi protected access protocols has been discovered. The new technique to crack WPA PSK (Chave Pré-Compartilhada) passwords enables outside users to capture access credentials easily.

The discovery of the attack was accidentalthe Hashcat developers deparar the new attack while testing the security of the upcoming WPA3 authentication method for wireless networks.

Você sabia? WPA3 is the latest version of Wi-Fi Protected Access otherwise known as WPA – a user authentication technology aimed at wireless connections. The Wi-Fi Alliance started developing WPA3 after the discovery of the KRACK vulnerability within the WPA2 protocol. A falha permitiu que os invasores tivessem acesso a transmissões Wi-Fi protegidas pelo padrão WPA2. Ler more about WPA3.

The new technique captures the Pairwise Master Key Identifier (PMKID) and as explained by the developers that devised it, it works against 802.11i/p/q/r networks with roaming functions enabled. This means that most modern routers are potentially at risk.

What is the difference between the new attack and previous WPA/WPA2 cracks?

According to Hashcat developer Jen “Atom” Steube, the most significant difference between older attacks and the newly discovered method is that an attacker no longer needs another user to be on the targeted network to capture credentials. The only thing needed is the initiation of the authentication process.

O pesquisador também adicionado that earlier WPA/WPA2 attacks were more challenging to carry out, because “in the past the attacker had to record the WPA four-way handshake to launch an offline attack”. This may sound easy but in fact this type of attack can create a lot of trouble from a technical perspective.

The new attack is much easier to pull off, Porque “if you receive the PMKID from the access point, you will be able to get into the network if you can guess the [WPA] pre-shared key (PSK)“.

Depending on the length and complexity of the pre-shared key, the success of the attack may vary. It should be noted that most users don’t have the technical capacity to change the PSK on their routers and generally use the manufacturer generated key. This becomes a premise for attackers to guess the key. The cracking of such a password becomes even easier with manufacturers creating PSKs following a pattern that can be traced back to the make of the routers.

Em poucas palavras, here’s why this attack is much better than previous techniques:

No more regular users requiredbecause the attacker directly communicates with the AP (aka “client-less” ataque)
No more waiting for a complete 4-way handshake between the regular user and the AP
No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results)
No more eventual invalid passwords sent by the regular user
No more lost EAPOL frames when the regular user or the AP is too far away from the attacker
No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds)
No more special output format (pcap, hccapx, etc.) – final data will appear as regular hex encoded string

Quem é afetado?

Nesse momento, the researchers are not sure for which vendors or for how many routers this technique will work, but they definitely think it will work against all 802.11i/p/q/r networks with roaming functions enabled. pouco colocá, this means most modern routers.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar