Researcher looking at WPA3 discovers new WPA2 attack

[HEXUS]

Says that "most modern routers" will be vulnerable to the security flaw.

Read more.

[peterb]

The source and discussion is here: (Also linked to in the above article)

https://hashcat.net/forum/thread-7717.html

Which indicates to consumer grade devices may not be affected - although the latest Fritz Box OS update may introduce this vulnerability.

Be interested to see if the Draytek series are affected - no doubt there will be a security update in due course.

[philehidiot]

How long to crack it? How many GPUs? Well I suppose we've found a use for all the old mining stock.

Last time I tried to break WPA2 (I gave it the handshake to make life easier for it), the hackintosh nearly had a stroke.

Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.

[virtuo]

Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.

Worse when you do it sober

... hm

[Iota]

Yes, I set up a network so I could try and hack it whilst slightly drunk. I'm a sad, sad person.

Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.

It is best not to use the "obvious pattern" following manufacturer generated PSK, Steube advised users; rather make up your own with complex arrangements of letters and symbols. "A typical manufacturers PSK of length 10 takes 8 days to crack (on a 4 GPU box)," explained Steube.

Pretty obvious advice, as is turning off roaming and automatically connecting to networks on your devices (especially if hiding your SSID).

[philehidiot]

Not really, I once took issue with neighbours wi-fi networks broadcasting across the range for the best channel for my own network. It's the only time I've ever used a linux distro, in efforts to gain access to their routers to put them on a fixed channel not close to mine. TL;DR Takes a long time depending on hardware in use, gave up with my ancient laptop.

My finest moment in this domain was some years ago when a friend was having some script kiddie keep trying to hack him and kept bouncing off the firewall and annoying him with endless pop up messages alerting him to the attempts but furnishing him with the IP address, which he passed on to me.

I can't quite remember what I did it was so long ago but it was essentially an improvised DOS attack. Very effective and he stopped his attempts to hack my friend after a couple of minutes. Things like that are useful to know how to do for situations like that (it was probably only a matter of time before the guy actually found an open port) as long as you're not a prat with it.

[Dashers]

I seem to recall that the original WPA2 attack was effective against WPA2-EAP as well as PSK, albeit only against one user. Does anybody know if EAP is vulnerable to this hack, and I guess by extension, if all variants of EAP are effected?