Jump to content
Sign in to follow this  
Coastercraze

WPA2 Vulernability aka KRACK

Recommended Posts

This deals with the protocol and is not device specific. If you haven't already heard of it, it's called Key Replay Attack (KRACK) and some devices such as Android 6.0 or higher and Linux based ones have a higher risk. Regardless, it affects any WiFi enabled devices that uses WiFi over the transmission of WPA2 with any of the encryption methods used.

Link below is to the original source:

https://www.krackattacks.com/

 

Share this post


Link to post
Share on other sites

Whoa, never thought they'd break it. And technically, they didn't!

They bypassed the encryption by exploiting the all-zero keys given when Android and Linux are instructed (for whatever reason...) to change access points. So they never need to retrieve data through a WPA2 connection. That's what makes this is more of a device-specific MITM than a WPA2 break. Sucks though, because Android == most of the market.

Oh, and WEP fell hard to a suite of similar MITM exploits .. before getting completely jacked from the inside, out. xD

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×