Extreme Coders Posted October 16, 2017

INTRODUCTION

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

DETAILS

Our main attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic. Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All our attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK): https://www.krackattacks.com/
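To make the "key reinstallation" part of the post concrete from the defender's side, here is an added toy model (not code from the post or from krackattacks.com) of how a client handles message 3 of the 4-way handshake. It tracks only the pairwise key and the per-frame nonce that CCMP uses with it, and contrasts a client that resets the nonce on a retransmitted message 3 with one that refuses to reinstall a key it already uses; the key value and message flow are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Supplicant:
    """Minimal model of a Wi-Fi client's key state after the 4-way handshake."""
    patched: bool                       # True: ignore reinstall of an in-use key
    ptk: Optional[bytes] = None         # pairwise key negotiated by the handshake
    tx_nonce: int = 0                   # CCMP packet number sent with each frame
    used: List[Tuple[bytes, int]] = field(default_factory=list)

    def on_message3(self, ptk: bytes) -> None:
        """Install the PTK carried by message 3 and reset the nonce.

        A retransmitted message 3 carries the same PTK. A vulnerable client
        installs it again and resets the nonce to zero, which is the root
        cause described in the post; a patched client leaves an already
        installed key alone so the nonce keeps counting up.
        """
        if self.patched and self.ptk == ptk:
            return
        self.ptk = ptk
        self.tx_nonce = 0

    def send_frame(self) -> Tuple[bytes, int]:
        """Return the (key, nonce) pair that protects the next data frame."""
        self.tx_nonce += 1
        pair = (self.ptk, self.tx_nonce)
        self.used.append(pair)
        return pair

    def nonce_reused(self) -> bool:
        """True if any (key, nonce) pair protected more than one frame."""
        return len(self.used) != len(set(self.used))


def simulate(patched: bool) -> bool:
    """Handshake, two frames, a retransmitted message 3, two more frames.

    Returns True when the client ended up reusing a (key, nonce) pair,
    i.e. when it is exposed to the keystream reuse the post warns about.
    """
    client = Supplicant(patched=patched)
    ptk = b"constructed-sample-ptk"     # constructed value, not a real key
    client.on_message3(ptk)
    client.send_frame(); client.send_frame()
    client.on_message3(ptk)             # retransmitted message 3
    client.send_frame(); client.send_frame()
    return client.nonce_reused()
```

Running `simulate(False)` reports nonce reuse while `simulate(True)` does not, which is exactly the property a firmware or driver patch for this issue needs to restore.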
Blah Posted October 17, 2017

Hello all, anybody know which update is a must-have installed for Win7 right now? I stopped installing updates at some point during their time trying to force everybody to update to Win10.. Now there's that WiFi KRACK vulnerability going on and I wanna at least keep that hole patched. I'm on Win7 64-bit. https://portal.msrc.microsoft.com/en-US/eula

Cheers mates and thanks for any suggestions,
B
Teddy Rogers Posted October 17, 2017

11 hours ago, Blah said: now there's that WiFi KRACK vulnerability going on and I wanna at least keep that hole patched. I'm on Win7 64-bit

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4041678

Don't forget to update the firmware of all your WiFi devices. Some vendors have been a lot better at this than others...

Ted.
Kurapica Posted October 18, 2017

It could take a long time before all hardware vendors provide patched firmware; take TP-Link as a bad example.
Teddy Rogers Posted October 18, 2017

This is one of those occasions where you can evaluate the performance of a company that takes the security of its devices seriously for its end users. Unfortunately there will be a lot of old hardware out there, still being used, that has reached EOL and will never see a patch or firmware update. Even if an update exists it's up to end users to know about this vulnerability, care enough about it and have the competency to update their devices. I can foresee a lot of unpatched devices being used in hotels, coffee shops, etc. for years to come, where there is greater opportunity to exploit this in MITM attacks...

Ted.
Kurapica Posted October 18, 2017

You are right Teddy, several layers of laziness, incompetence and indifference will keep this vulnerability active for years. Must be a gold mine for many three-letter agencies all over the world.

Be safe ...
kao Posted October 18, 2017

Keep calm and think a bit. So far, the best summary I have seen is provided by Alex Hudson: https://www.alexhudson.com/2017/10/15/wpa2-broken-krack-now/

Quote:
- this won't let people who are not physically present into your networks;
- it's unlikely any data is protected by the encryption WPA2 provides; in particular, accessing secure websites is still fine;
- think about increasing the level of security of the nodes on your network if possible: make sure your AV is up-to-date, firewalls turned on, etc.;
- if you're paranoid about certain data or systems, turn off WiFi and switch to one of an internal VPN, a wired ethernet connection or mobile data (for WAN access);

In short - it's broken "cryptographically" but it's not something Rob The Thief can/will use to steal all your pornbitcoins.
Kurapica Posted October 18, 2017

Yeah sure, I will update my Kaspersky now!! Who trusts any AV these days?! And I will subscribe to a VPN that says "We don't keep any logs".

We can't deny it's a clear and present danger, at least in the part of the world where I live; ticking the "Like" button can send you to prison for 5 years, true story.
Teddy Rogers Posted October 19, 2017

Those suggestions from Alex are all good and well for those technically minded. They aren't going to help the moms and pops of the world and those who are not technically minded and are using hardware (predominantly Android devices) and firmware with this vulnerability. It's not a good position to be in, having the risk of all your traffic being captured and relying on TLS and VPN implementations to shore up the gaps. I'm going to side with Matthew Green on this one, with the IEEE needing to be more open to allow more scrutiny and review of specifications and how they are implemented...

Ted.