Collaborate Disseminate
Security auth flaw detected
Hardware: ELM327 station mode
AP DD-wrt, OpenWRT, n66u Asus, tried several others
Legacy 802.11G
Stations disconnect after a few minutes. Tried to reset the WiFi station board – see below)
OpenWRT AP
Log fro… Continue reading Wi-Fi station wont connect to AP … WPA2-PSK -Security auth flaw detected [closed]
We know that in WPA2’s four-way handshake, a MIC is generated in order verify the supplicant (client). But how it is generated? Is something hashed to get the MIC? The PTK (pairwise transient key) depends on the nonces and MAC addresses an… Continue reading How is the MIC (message integrity code) generated in WPA2?
I was looking for ways to make Wi-Fi that uses WPA2-Personal/WPA-PSK secure, and I stumbled in this answer (the second one, from Terrence Koeman):
WPA2-PSK (aka WPA2 Personal) basically does the same thing as WPA2-Enterprise from the clie… Continue reading Is there a point in randomizing my WPA2-Personal SSID (meaning, set a random string in place of the SSID)?
I’m auditing my network setup and trying to determine an appropriate password length with a random set of digits and numbers. I found a Security Stack exchange answer but it was written in 2012 and wanted to see if the recommendation has c… Continue reading Recommended length for WPA-2 password in 2020
Can an old and upatched (assume a 15 y.o. TP-Link: so plenty of vulnerabilities) be breached given:
no physical access
WEP is disabled
WPA is up but password is not crackable via aircrack-ng + johntheripper
Continue reading Can a router be attacked without being associated to it’s WiFi?
We all know that the client device and WiFi AP will perform the 4 way handshake to generate the session key (PTK). Here is the recap of the 4 way handshake.
1.Client device<—–ANonce—–WiFi AP
2.Client device——SNonce—->WiFi… Continue reading How Wifi prevent hacking in the same network?
I captured the handshake using airodump and tried to crack it. Aircrack didn’t crack the password but the password was correct and was present in the dictionary. The password was 12345678, which when I uploaded on onlinehashcrack immediate… Continue reading Aircrack says KEY NOT FOUND for a password present in the dictionary
I’ve been trying to find some answers regarding using MAC filtering on my router in addition to having WPA2 encryption but I couldn’t find any clear ones. I understand that using MAC filtering solely is bad security practice since anyone c… Continue reading Using MAC Filtering in addition to WPA2 Encryption
I was trying to aireplay’ng my home wifi but I understood that with the new generation of AP there is a system of protected management frames. So I’m asking, is it still worth to make an evil twin attack? I think no, because without deauth… Continue reading Wifi with protected management frames, is it worth still evin twin attack?
I was trying to aireplay’ng my home WiFi but I understood that with the new generation of APs, there is a system of protected management frames. So I’m asking, is it still worth it to perform an evil twin attack? I think not, because witho… Continue reading With WiFi now having protected management frames, is it still worth attempting an evil twin attack?