Sinisterly
KRACK attack ~ New WPA2 Attack! - Printable Version




KRACK attack ~ New WPA2 Attack! - S3xySmurf - 10-16-2017

Today I present to you KRACK Attack.

KRACK, or Key Reinstallation Attack, basically reinstalls the already-in-use key; this affects the 4-way handshake used to generate a fresh key. This 14-year-old handshake had never been kracked until now. Any device that uses Wi-Fi is likely vulnerable.

First of all, the demo.


Second, the paper.
Paper

CVE(s)
  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

And finally their website:
KrackAttack

They will be releasing the code after everyone has had a reasonable chance to update their devices. I am very excited to try this attack out.
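To make the mechanism concrete, here is an added toy model (my own illustration, not code from the paper or from any Wi-Fi stack) of a supplicant handling message 3 of the 4-way handshake: the vulnerable variant reinstalls the PTK when message 3 is retransmitted and resets its CCMP packet number, so it reuses (key, nonce) pairs, while the hardened variant, like the patched supplicants, acknowledges the retransmit without reinstalling. The class and function names, the key value and the "installed" flag are constructed for the example.

```python
# Toy model of how a supplicant processes message 3 of the WPA2 4-way handshake.
# Added illustration only; frame contents and the install API are simplified stand-ins.
from dataclasses import dataclass, field


@dataclass
class Supplicant:
    hardened: bool                 # True: never reinstall a PTK that is already in use
    ptk: bytes = b""
    installed: bool = False
    tx_pn: int = 0                 # CCMP packet number; must never repeat under one key
    replay_ctr: int = -1           # last accepted EAPOL replay counter
    used_nonces: list = field(default_factory=list)

    def install_ptk(self, ptk: bytes) -> None:
        # Installing a key (re)initialises the transmit packet number.
        self.ptk = ptk
        self.installed = True
        self.tx_pn = 0

    def handle_msg3(self, ptk: bytes, replay_ctr: int) -> str:
        """Process a (possibly retransmitted) message 3; return what was done."""
        if replay_ctr <= self.replay_ctr:
            return "dropped"                # stale replay counter: ignore
        self.replay_ctr = replay_ctr
        if self.installed and self.hardened:
            return "acked-no-reinstall"     # patched behaviour: send msg4, keep state
        self.install_ptk(ptk)               # vulnerable behaviour on a retransmit
        return "installed"

    def send(self, n: int) -> list:
        """Encrypt n frames and return the (key, nonce) pairs consumed."""
        pairs = []
        for _ in range(n):
            self.tx_pn += 1
            pairs.append((self.ptk, self.tx_pn))
        self.used_nonces += pairs
        return pairs


def nonce_reuse(sup: Supplicant) -> bool:
    return len(sup.used_nonces) != len(set(sup.used_nonces))


def simulate(hardened: bool) -> dict:
    sup = Supplicant(hardened=hardened)
    ptk = b"\x11" * 16                      # constructed key value
    first = sup.handle_msg3(ptk, replay_ctr=1)
    sup.send(3)                             # frames with PN 1..3
    second = sup.handle_msg3(ptk, replay_ctr=2)  # AP retransmits msg3 (msg4 was lost)
    sup.send(3)                             # vulnerable: PN restarts at 1
    return {"first": first, "second": second, "reuse": nonce_reuse(sup)}
```

The vulnerable run ends with repeated (key, nonce) pairs, which is exactly the condition that breaks CCMP confidentiality; the hardened run keeps the packet number monotonic.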



RE: KRACK attack ~ New WiFi Attack! - phyrrus9 - 10-16-2017

Damn, what a shame that they won't release their code...I was actually excited to see what's going on. Props to the author here for including the whitepaper.


RE: KRACK attack ~ New WiFi Attack! - S3xySmurf - 10-16-2017

(10-16-2017, 12:46 PM)phyrrus9 Wrote: Damn, what a shame that they won't release their code...I was actually excited to see what's going on. Props to the author here for including the whitepaper.

I was also upset when I couldn't find the code for this. I've got a network I'd really like to test this on.


RE: KRACK attack ~ New WPA2 Attack! - tvojaMama - 10-16-2017

This is huge. It's surprising how long it took to discover this security hole.


RE: KRACK attack ~ New WPA2 Attack! - Ecks - 10-16-2017

Everyone is flipping out, but as long as you have an open-source router this is a non-issue. For those of you still using a store-bought default or the one your ISP handed you, good luck waiting for them to update and patch this vulnerability. If you are interested in building your own router, you can check out https://sinister.ly/Thread-Tutorial-Turn-that-old-PC-into-a-Powerful-Router for more information.


RE: KRACK attack ~ New WiFi Attack! - Ecks - 10-16-2017

(10-16-2017, 01:24 PM)S3xySmurf Wrote:
(10-16-2017, 12:46 PM)phyrrus9 Wrote: Damn, what a shame that they won't release their code...I was actually excited to see what's going on. Props to the author here for including the whitepaper.

I was also upset when I couldn't find the code for this. I've got a network I'd really like to test this on.

https://www.krackattacks.com/ <- Don't think they have released the code, but all the information on what they did and such is on their website.


RE: KRACK attack ~ New WPA2 Attack! - mothered - 10-16-2017

(10-16-2017, 08:30 PM)Ecks Wrote: or the one your isp handed you, good luck waiting for them to update and patch this vulnerability.

Hence one of many reasons not to use a router supported and provided by your ISP.

Nice contribution indeed. Will look into this after work today.


RE: KRACK attack ~ New WiFi Attack! - S3xySmurf - 10-16-2017

(10-16-2017, 08:32 PM)Ecks Wrote:
(10-16-2017, 01:24 PM)S3xySmurf Wrote:
(10-16-2017, 12:46 PM)phyrrus9 Wrote: Damn, what a shame that they won't release their code...I was actually excited to see what's going on. Props to the author here for including the whitepaper.

I was also upset when I couldn't find the code for this. I've got a network I'd really like to test this on.

https://www.krackattacks.com/  <- Don't think they have released the code, but all the information on what they did and such is on their website.

They haven't released the code yet but they are planning to do so when the relevant parties have patched this hole.


RE: KRACK attack ~ New WPA2 Attack! - zorrophreak - 10-16-2017

Very nice contribution, just heard about this on the way home. Think I already have a patch for this on my router but I'll have to check. I still need to go about building together my replacement router but OpenWRT works for now.


RE: KRACK attack ~ New WPA2 Attack! - phyrrus9 - 10-17-2017

Fun fact: this isn't even the biggest bug. Saw a bunch of shit today about some core protocol vuln that is basically unpatchable because it will either conflict with WPA2 or 802.11 specs. A new spec is needed to fix the bug. Maybe we'll see WPA3 in the next 3 years.