Collaborate Disseminate
Let’s say someone already has my key and is logged in my wifi network and also has access to my router. Catching the four-way handshake for the hacker is important to see my web traffic. If he wants to see my traffic/log from… Continue reading Sniffing router’s WiFi traffic
From the following answer, I understand a strong pre-shared key must be 15 characters at minimum and randomly generated:
https://security.stackexchange.com/a/56646/37051
However, from other reading, I understand that crypto… Continue reading Details of a good WPA2 pre-shared key (password)?
I understand some of the reasons why WPA Enterprise is more secure from this question: Why is WPA Enterprise more secure than WPA2?
However, given a home network with only one single user where that user has a long and compl… Continue reading Will WPA Enterprise give any advantage on home network with one user?
I am trying to implement a function, let’s say in Python to compute Pairwise Master Key Identifier (PMKID) after reading the previously discovered bug in WPA2. Googling gave me this logical statement:
PMKID = HMAC-SHA1-128(… Continue reading Implementation of PMKID computing function
While we know that in the best practice in any AES communication is to not use a constant or all zero IV.
However, when I capture my authentication progress between my STA and AP. I found out that the EAPOL message of 1, 2 a… Continue reading WPA2 IV all zero in EAPOL message of 1,2 and 4
The new strategy allows an attacker to instead lift ID information directly from the router, within minutes. Continue reading Fresh Approach to WiFi Cracking Uses Packet-Sniffing
While looking for ways to attack the new WPA3 security standard, Hashcat developer Jens “Atom” Steube found a simpler way to capture and crack access credentials protecting WPA and WPA2 wireless networks. The attack The attacker needs to ca… Continue reading Hashcat developer discovers simpler way to crack WPA2 wireless passwords
A new attack was discovered which allows cracking a WPA2 passphrase without needing to capture the 4-way handshake. While this doesn’t weaken the password itself, it does mean that an attacker can begin their cracking attempts without need… Continue reading Mitigating the new attack on WPA2 involving PMKID
Given that WiFi packets should be encrypted if WPA2 is used, why is it that a deauth attack can be successful? Shouldn’t the machine know that the message is illegitimate due to the fact that it would not be encrypted, having come from a f… Continue reading Why does a deauth attack work on WPA2 despite encryption?
I have a pcap file with two captured packets only.
Time Protocol Info
0.000000 EAPOL Key (Message 3 of 4)
2934.200222 EAPOL Key (Message 2 of 4)
I already know, messages 2 and 3 are sufficient to lau… Continue reading EAPOL messages in different WPA handshakes