Results 1 to 7 of 7

Thread: Researcher looking at WPA3 discovers new WPA2 attack

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    29,281
    Thanks
    0
    Thanked
    1,924 times in 668 posts

    Researcher looking at WPA3 discovers new WPA2 attack

    Says that "most modern routers" will be vulnerable to the security flaw.
    Read more.

  2. #2
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,381
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    The source and discussion is here: (Also linked to in the above article)

    https://hashcat.net/forum/thread-7717.html

    Which indicates to consumer grade devices may not be affected - although the latest Fritz Box OS update may introduce this vulnerability.

    Be interested to see if the Draytek series are affected - no doubt there will be a security update in due course.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  3. #3
    Long member
    Join Date
    Apr 2008
    Posts
    1,544
    Thanks
    59
    Thanked
    275 times in 194 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    How long to crack it? How many GPUs? Well I suppose we've found a use for all the old mining stock.

    Last time I tried to break WPA2 (I gave it the handshake to make life easier for it), the hackintosh nearly had a stroke.

    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.

  4. Received thanks from:

    afiretruck (08-08-2018),DanceswithUnix (09-08-2018)

  5. #4
    Senior Member
    Join Date
    Aug 2013
    Location
    North Wales
    Posts
    1,724
    Thanks
    159
    Thanked
    248 times in 183 posts
    • virtuo's system
      • Motherboard:
      • Asus GRYPHON Z87
      • CPU:
      • i7 4790K @4.8Ghz Corsair H100i GTX
      • Memory:
      • 32Gb G.Skill TridentX 2400 @ CAS9
      • Storage:
      • Samsung 840 EVO 120Gb + Many, many HDs
      • Graphics card(s):
      • EVGA 980Ti FTW
      • PSU:
      • EVGA Supernova G2 750W
      • Case:
      • be quiet! Dark Base Pro 900 (Orange)
      • Operating System:
      • Win10, Fedora
      • Monitor(s):
      • 2x Dell U2515H 1440p DELL U3415W Ultrawide for Work
      • Internet:
      • PlusNet Unlimited 80Mb

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by philehidiot View Post
    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.
    Worse when you do it sober

    ... hm

  6. #5
    Senior Member
    Join Date
    May 2009
    Location
    Where you are not
    Posts
    677
    Thanks
    267
    Thanked
    53 times in 42 posts
    • Iota's system
      • Motherboard:
      • Asus Maximus Hero XI
      • CPU:
      • Intel Core i7 9700K
      • Memory:
      • CMD32GX4M2C3200C16
      • Storage:
      • 1 x 250GB / 1 x 1TB Samsung 970 Evo Plus NVMe
      • Graphics card(s):
      • Nvidia RTX 2080 FE
      • PSU:
      • Corsair HXi 850
      • Case:
      • Lian Li PC-X500B
      • Operating System:
      • Windows 10 Pro 64-bit
      • Monitor(s):
      • Dell S2716DG
      • Internet:
      • 40Mbps SKY Fibre

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by philehidiot View Post
    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.
    Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.

    It is best not to use the "obvious pattern" following manufacturer generated PSK, Steube advised users; rather make up your own with complex arrangements of letters and symbols. "A typical manufacturers PSK of length 10 takes 8 days to crack (on a 4 GPU box)," explained Steube.
    Pretty obvious advice, as is turning off roaming and automatically connecting to networks on your devices (especially if hiding your SSID).

  7. #6
    Long member
    Join Date
    Apr 2008
    Posts
    1,544
    Thanks
    59
    Thanked
    275 times in 194 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by Iota View Post
    Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.
    My finest moment in this domain was some years ago when a friend was having some script kiddie keep trying to hack him and kept bouncing off the firewall and annoying him with endless pop up messages alerting him to the attempts but furnishing him with the IP address, which he passed on to me.

    I can't quite remember what I did it was so long ago but it was essentially an improvised DOS attack. Very effective and he stopped his attempts to hack my friend after a couple of minutes. Things like that are useful to know how to do for situations like that (it was probably only a matter of time before the guy actually found an open port) as long as you're not a prat with it.
    Last edited by philehidiot; 09-08-2018 at 10:01 AM. Reason: Spelin and claritie

  8. Received thanks from:

    Iota (09-08-2018)

  9. #7
    I really don't care Dashers's Avatar
    Join Date
    Jun 2016
    Posts
    1,023
    Thanks
    38
    Thanked
    130 times in 103 posts
    • Dashers's system
      • Motherboard:
      • Gigabyte GA-X99-UD4
      • CPU:
      • Intel i7-5930K
      • Memory:
      • 48GB Corsair DDR4 3000 Quad-channel
      • Storage:
      • Intel 750 PCIe SSD; RAID-0 x2 Samsung 840 EVO; RAID-0 x2 WD Black; RAID-0 x2 Crucial MX500
      • Graphics card(s):
      • MSI GeForce GTX 1070 Ti
      • PSU:
      • CoolerMaster Silent Pro M2 720W
      • Case:
      • Corsair 500R
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Philips 40" 4K AMVA + 23.5" 1080 IPS 72Hz OC
      • Internet:
      • Zen FTTC

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    I seem to recall that the original WPA2 attack was effective against WPA2-EAP as well as PSK, albeit only against one user. Does anybody know if EAP is vulnerable to this hack, and I guess by extension, if all variants of EAP are effected?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •