WPA2 Encryption exploit discovered...all Wi-Fi protocols are vulnerable

Hood Critic · Oct 16, 2017

Today a collection of severe security vulnerabilities in the WPA2 encryption protocol for Wi-Fi are being disclosed, along with a proof of concept exploit. The weaknesses center around the process used for negotiating the encryption keys used by the client and access point. These core vulnerabilities are part of the Wi-Fi Protected Access WPA standard itself, so even devices that correctly implement WPA2 according to spec are expected to be affected. Both personal and enterprise WPA modes are affected, and both the original WPA and WPA2 are affected. The primary mode of attack exploits vulnerabilities in client devices, but there are some variants that affect features used by some access points.

Multiple WiFi Encryption Vulnerabilities Disclosed, Affecting Almost Everything

winb83 · Oct 16, 2017

Hood Critic said:
Multiple WiFi Encryption Vulnerabilities Disclosed, Affecting Almost Everything

Long story short they spoof your WiFi network through a handshake vulnerability and intercept all the data you send.

Joe Sixpack · Oct 16, 2017

4-Rin · Oct 16, 2017

How do we protect our connection?

Olu Dara · Oct 16, 2017

ball15life · Oct 16, 2017

4-Rin said:
How do we protect our connection?

Using a VPN is a pretty good way to make sure your stuff is secure

Tunez · Oct 16, 2017

4-Rin said:
How do we protect our connection?

Turn off your router

He Who Posts Well · Oct 16, 2017

Man ain't nothing safe. :smh:

charmander · Oct 16, 2017

i'm interested in this

i'm tryna steal some wifi

Yapdatfool · Oct 16, 2017

https://doublepulsar.com/regarding-krack-attacks-wpa2-flaw-bf1caa7ec7a0

Regarding Krack Attacks — WPA2 flaw
So there’s a new Wi-Fi attack. In the media it is being presented as a flaw in WPA protocol which isn’t fixable. This isn’t true.

Before we all burn the house down, however, and declare security problems not fixable, let’s get to some important things for organisations:

It is patchable, both client and server (Wi-Fi) side.

Linux patches are available now. Linux distributions should have it very shortly.

The attack realistically doesn’t work against Windows or iOS devices. The Group vuln is there, but it’s not near enough to actually do anything of interest.

There is currently no publicly available code out there to attack this in the real world — you would need an incredibly high skill set and to be at the Wi-Fi base station to attack this.

Android is the issue, which is why the research paper concentrates on it. The issue with Android is people largely don’t patch.

He's not lying, my Linux Mint distro just got a wpa security update patching this very fix...

Yapdatfool · Oct 16, 2017

charmander said:
i'm interested in this

i'm tryna steal some wifi

Your better off guessing SSID passwords then even trying this shyt, the POC showed connection to a SSID before even doing the exploit.

Tunez · Oct 16, 2017

Im scared brehs

winb83 · Oct 16, 2017

4-Rin said:
How do we protect our connection?

Client side patches. If your Android phone is more than a couple years older good luck. Some of the cheaper, older, and off brand stuff will never get patched.

charmander · Oct 16, 2017

Yapdatfool said:
Your better off guessing SSID passwords then even trying this shyt, the POC showed connection to a SSID before even doing the exploit.

damn i had my hopes up

Liquid · Oct 16, 2017

Wired connection for anything serious

WPA2 Encryption exploit discovered...all Wi-Fi protocols are vulnerable

More options

Hood Critic

The Power Circle

winb83

52 Years Young

Joe Sixpack

Build and Destroy

4-Rin

Superstar

Olu Dara

^^^^^^^^^^^^

ball15life

Superstar

Tunez

Lloyd Banks Stan

He Who Posts Well

Veteran

charmander

Alhamdulillah

Yapdatfool

Superstar

Yapdatfool

Superstar

Tunez

Lloyd Banks Stan

winb83

52 Years Young

charmander

Alhamdulillah

Liquid

Superstar