Here is my video breakdown on Key Reinstallation Attacks (KRACK) – Breaking WPA2 by forcing nonce reuse.
My dog started barking at 4am last night. I found a guy typing away on a white Nexus 6 in my driveway. The Nexus 6 will run hacking tools. The guy very nervously tried to explain why he was there and the explanation was something about his friend’s network being down. That made me think that he was trying to hack into mine. My dog is pretty big so he got out of there quickly. Add a large dog to the list of your essential network security tools. It worked for me, lol.
I wasn’t too worried about my wifi password being cracked as I use WPA2 and take all of the precautions. I was just very creeped out about the trespasser. Then, I got on the train this am and heard about this. It’s getting harder to stay ahead of these guys all of the time.
Weird!
This is reassuring. I knew there was a good reason for why I’m paranoid…
Good tip, my dog will bark and alert us for anyone she doesn’t know. Nevertheless, custom firmware helps to some extent, not to mention setting up MAC authentication and allowing only certain devices on your network. That is weird though, some guy in your driveway at 3:00 AM.
So, my data transmission over wifi can be captured by hackers as long as they are in the wifi range. And it seems updates won’t help much? It is the 4-way handshake that is hacked. Does that mean a new protocol has to be invented to fight against this hacking effectively?
No, just an update to the code is required. Updates created for the attack will stop it.
A new protocol does not need to be created. Just an update.
I see. Thanks, Nathan. Do you know why router companies such as Linksys also release updates when it is a client attack?
Because it’s still a bug and it might be possible with further research to exploit it more proficiently.
Always thanks, man.
So you are saying that anyone who successfully performs this attack can look at their victim’s internet traffic. Can they look at the emails you send? Also, can they see your communication with a website? Perhaps sending sensitive information to a website. Thanks, have a great day!
Yes correct.
Is this something that needs to be patched on BOTH the AP and the client?
This is what they say “Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.”
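The replies above say the attack works against the client side of the 4-way handshake (the question about the attacker reading traffic and the answer that a code update, not a new protocol, fixes it). The following Python model, added here as an illustration and not code from the post, the commenters or the KRACK researchers, shows why both statements hold: a client that resets its packet number (the CCMP nonce) every time it installs the key will reinstall it on a retransmitted message 3 and then encrypt two frames under the same key and nonce. In counter-mode encryption the keystream cancels, so the XOR of those two ciphertexts equals the XOR of the plaintexts and a passive listener learns their relationship without ever recovering the key. The patched variant keeps the already-installed key and refuses to reinstall it, so the nonce keeps counting and the access point needs no change. The keystream function is a SHA-256 stand-in for AES-CCMP, the key and frames are constructed, and the class and function names are assumptions of this model rather than real 802.11 code.

```python
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy counter-mode keystream (SHA-256 based) standing in for AES-CCMP.
    Assumption for this model only; real WPA2 uses AES-CCM with a 48-bit packet number."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Supplicant:
    """Model of a Wi-Fi client's key-installation state machine (constructed for illustration)."""
    patched: bool
    ptk: Optional[bytes] = None
    packet_number: int = 0          # the per-frame nonce; must never repeat under one key
    key_installed: bool = False
    sent: List[Tuple[int, bytes]] = field(default_factory=list)

    def handle_msg3(self, ptk: bytes) -> None:
        """Message 3 of the 4-way handshake delivers the session key.
        The AP may legitimately retransmit it if message 4 is lost, so this can run twice."""
        if self.key_installed and self.patched:
            # Hardened behaviour: key already installed, do not reinstall it,
            # so the packet number keeps counting from where it was.
            return
        self.ptk = ptk
        self.packet_number = 0      # installing a key resets the nonce; doing it twice is the bug
        self.key_installed = True

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        """Encrypt one data frame under the installed key with the next nonce."""
        assert self.ptk is not None, "no key installed"
        nonce = self.packet_number
        self.packet_number += 1
        ciphertext = xor(plaintext, keystream(self.ptk, nonce, len(plaintext)))
        self.sent.append((nonce, ciphertext))
        return nonce, ciphertext


FRAME_1 = b"GET /inbox HTTP/1.1"      # constructed sample frames
FRAME_2 = b"Cookie: sessionid=42"


def run_session(patched: bool) -> List[Tuple[int, bytes]]:
    """Handshake, one frame, retransmitted message 3, another frame."""
    sup = Supplicant(patched=patched)
    ptk = b"\x11" * 16                  # constructed session key
    sup.handle_msg3(ptk)
    sup.encrypt(FRAME_1)
    sup.handle_msg3(ptk)                # retransmission of message 3 (e.g. message 4 was delayed)
    sup.encrypt(FRAME_2)
    return sup.sent


def reused_nonces(sent: List[Tuple[int, bytes]]) -> List[Tuple[bytes, bytes]]:
    """Detection view: pairs of ciphertexts that were sent under the same nonce."""
    seen = {}
    pairs = []
    for nonce, ct in sent:
        if nonce in seen:
            pairs.append((seen[nonce], ct))
        seen[nonce] = ct
    return pairs


def leaked_xor(ct1: bytes, ct2: bytes) -> bytes:
    """With the same key and nonce, C1 xor C2 = P1 xor P2: the keystream cancels out."""
    n = min(len(ct1), len(ct2))
    return xor(ct1[:n], ct2[:n])


if __name__ == "__main__":
    for patched in (False, True):
        sent = run_session(patched)
        pairs = reused_nonces(sent)
        label = "patched" if patched else "vulnerable"
        print(f"{label}: nonces {[n for n, _ in sent]}, reused pairs: {len(pairs)}")
        for c1, c2 in pairs:
            print("  observer learns P1 xor P2 =", leaked_xor(c1, c2).hex())
```

Only the client's handling of a duplicate message 3 differs between the two runs, which is why the advice in the quoted passage puts client updates first; the router's part of the handshake is unchanged in both cases.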
Really appreciate this. Thanks a lot.
My router is running as a VPN client to route all traffic through the VPN. Since the attack occurs between my client and router, does this configuration mitigate the attack, or does the VPN need to be run from the clients, before the router?
It will need to run from the client. Your thinking is correct.
Thank you for the info, always good to know!
Hi Nathan,
Just a quick question. I bought a Cisco 877W the other day and am currently using it for my home network. I don’t think Cisco supports it any more. Is it vulnerable in the first place? And if so, how can I mitigate it?
You’ll need to contact the vendor.
The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of our key reinstallation attack:
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
Good to know, thank you. It’s good I am using wired and VPN + HTTPS for confidential and sensitive data.
What if I just disable the broadcast of beacon frames and am not visible on the air (except for a deauthentication attack)?
Can you learn how to perform a key reinstallation attack?
Please learn how to perform a key reinstallation attack.