Results 1 to 7 of 7

Thread: Researcher looking at WPA3 discovers new WPA2 attack

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    27,287
    Thanks
    0
    Thanked
    1,680 times in 584 posts

    Researcher looking at WPA3 discovers new WPA2 attack

    Says that "most modern routers" will be vulnerable to the security flaw.
    Read more.

  2. #2
    Admin Team peterb's Avatar
    Join Date
    Aug 2005
    Location
    Southampton
    Posts
    18,178
    Thanks
    2,482
    Thanked
    3,025 times in 2,415 posts
    • peterb's system
      • Motherboard:
      • Nascom 2
      • CPU:
      • Z80B
      • Memory:
      • 48K 8 bit memory on separate card
      • Storage:
      • Audio cassette tape - home built 5.25" floppy drive
      • Graphics card(s):
      • text output (composite video)
      • PSU:
      • Home built
      • Case:
      • Home built
      • Operating System:
      • Nas-sys
      • Monitor(s):
      • 12" monocrome composite video input
      • Internet:
      • No networking capability on this machine

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    The source and discussion is here: (Also linked to in the above article)

    https://hashcat.net/forum/thread-7717.html

    Which indicates to consumer grade devices may not be affected - although the latest Fritz Box OS update may introduce this vulnerability.

    Be interested to see if the Draytek series are affected - no doubt there will be a security update in due course.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  3. #3
    Senior Member
    Join Date
    Apr 2008
    Posts
    407
    Thanks
    19
    Thanked
    79 times in 59 posts

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    How long to crack it? How many GPUs? Well I suppose we've found a use for all the old mining stock.

    Last time I tried to break WPA2 (I gave it the handshake to make life easier for it), the hackintosh nearly had a stroke.

    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.

  4. Received thanks from:

    afiretruck (08-08-2018),DanceswithUnix (09-08-2018)

  5. #4
    Senior Member
    Join Date
    Aug 2013
    Location
    North Wales
    Posts
    1,693
    Thanks
    154
    Thanked
    243 times in 179 posts
    • virtuo's system
      • Motherboard:
      • Asus GRYPHON Z87
      • CPU:
      • i7 4790K @4.8Ghz Corsair H100i GTX
      • Memory:
      • 32Gb G.Skill TridentX 2400 @ CAS9
      • Storage:
      • Samsung 840 EVO 120Gb + Many, many HDs
      • Graphics card(s):
      • EVGA 980Ti FTW
      • PSU:
      • EVGA Supernova G2 750W
      • Case:
      • be quiet! Dark Base Pro 900 (Orange)
      • Operating System:
      • Win10, Fedora
      • Monitor(s):
      • 2x Dell U2515H 1440p DELL U3415W Ultrawide for Work
      • Internet:
      • PlusNet Unlimited 80Mb

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by philehidiot View Post
    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.
    Worse when you do it sober

    ... hm

  6. #5
    Senior Member
    Join Date
    May 2009
    Location
    Where you are not
    Posts
    337
    Thanks
    83
    Thanked
    27 times in 22 posts
    • Iota's system
      • Motherboard:
      • GA-P67A-UD5-B3
      • CPU:
      • Intel Core i7 2600K
      • Memory:
      • 2 x BL2KIT25664FN2139
      • Storage:
      • 4 x CTFDDAC064MAG-1G1 (Raid 0)
      • Graphics card(s):
      • ASUS Radeon R9 290 DC-2
      • PSU:
      • Corsair Professional Series Gold AX750
      • Case:
      • Lian Li PC-X500B
      • Operating System:
      • Windows 10 Pro 64-bit
      • Monitor(s):
      • 2x Samsung 22" widescreen P2270 2ms DVI HD LCD TFT Ecofit
      • Internet:
      • 40Mbps SKY Fibre

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by philehidiot View Post
    Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.
    Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.

    It is best not to use the "obvious pattern" following manufacturer generated PSK, Steube advised users; rather make up your own with complex arrangements of letters and symbols. "A typical manufacturers PSK of length 10 takes 8 days to crack (on a 4 GPU box)," explained Steube.
    Pretty obvious advice, as is turning off roaming and automatically connecting to networks on your devices (especially if hiding your SSID).

  7. #6
    Senior Member
    Join Date
    Apr 2008
    Posts
    407
    Thanks
    19
    Thanked
    79 times in 59 posts

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    Quote Originally Posted by Iota View Post
    Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.
    My finest moment in this domain was some years ago when a friend was having some script kiddie keep trying to hack him and kept bouncing off the firewall and annoying him with endless pop up messages alerting him to the attempts but furnishing him with the IP address, which he passed on to me.

    I can't quite remember what I did it was so long ago but it was essentially an improvised DOS attack. Very effective and he stopped his attempts to hack my friend after a couple of minutes. Things like that are useful to know how to do for situations like that (it was probably only a matter of time before the guy actually found an open port) as long as you're not a prat with it.
    Last edited by philehidiot; 09-08-2018 at 10:01 AM. Reason: Spelin and claritie

  8. Received thanks from:

    Iota (09-08-2018)

  9. #7
    I really don't care Dashers's Avatar
    Join Date
    Jun 2016
    Posts
    819
    Thanks
    27
    Thanked
    97 times in 82 posts
    • Dashers's system
      • Motherboard:
      • Gigabyte GA-X99-UD4
      • CPU:
      • Intel i7-5930K
      • Memory:
      • Corsair DDR4 3000 Quad
      • Storage:
      • Intel 750 PCIe SSD; RAID-0 x2 Samsung 840 EVO; RAID-0 x2 WD Black; RAID-0 x2 Crucial MX500
      • Graphics card(s):
      • EVGA GeForce GTX 970 x2 SLI
      • PSU:
      • CoolerMaster Silent Pro M2 720W
      • Case:
      • Corsair 500R
      • Operating System:
      • Windows 10
      • Monitor(s):
      • x2 23.5" 1080 72Hz OC
      • Internet:
      • Zen FTTC

    Re: Researcher looking at WPA3 discovers new WPA2 attack

    I seem to recall that the original WPA2 attack was effective against WPA2-EAP as well as PSK, albeit only against one user. Does anybody know if EAP is vulnerable to this hack, and I guess by extension, if all variants of EAP are effected?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •