NewsPenetration TestingVulnerabilitiesWireless Pentest

Here’s How The KRACK WiFi Vulnerability Works! Hacking WPA2

So, We thought that WPA2 Encryption is secure. But it is now possible to crack that WPA2 encryption. Researchers has discovered several key management vulnerabilities in core WiFi Protected Access II (WPA2) protocol that allow’s any attacker to Hack into your WPA2 network which you through as more secured then other protocols.

However, WPA2 is also an old encryption mechanism which has been compromised. Risking all the WiFi-Devices all over the world.

“The attacker doesn’t even need to connect to the network – only to listen to the data you exchange with an access point and emit their own packets back to change things on your system and the router.”

So, what kind of bad things? Well, obviously they’ll be able to intercept traffic. According to Gorodyansky, depending on the router configuration, they’ll be able to modify and forge fake data, interfering with the content of non-secure websites.

According to the researcher that discovered Krack, Mathy Vanhoef, it means that an attacker would theoretically be able to inject ransomware or other malware into otherwise benign websites. This would make it easier to infect those users who tend not to download sketchy attachments, or visit the darker ends of the Internet.

Gorodyansky explained that the adversary would also have access to any attached storage. So, if you’ve attached a USB flash drive or external hard drive to your router, they’d be able to read that.

KRACK also works against WPA-Enterprise, which is typically used in large business environments, rather than personal and small-business networks. “If a company’s network-attached storage (such as company servers) are accessible without a password, or data is accessible between computers on a network, untold amounts of records could be stolen,” he said.

So now, let’s put all this into a sense of proportion. What makes KRACK so scary is that it isn’t an issue with a piece of software, but rather a widely-used protocol. As Vanhoef pointed out, “if your device supports Wi-Fi, it is most likely affected.”

According to the researchers, the newly discovered attack works against:

  • Both WPA1 and WPA2,
  • Personal and enterprise networks,
  • Ciphers WPA-TKIP, AES-CCMP, and GCMP

Here’s How The KRACK WiFi Vulnerability Works

How To Patch This KRACK Vulnerability?

However, In order to Patch this different vendors had issued update to there devices such as Microsoft, Apple and etc. Here’s How this works!

The Attacker needs to be within your physical proximity to intend your WiFi network.

WPA2 Vulnerabilities and their Brief Details

The key management vulnerabilities in the WPA2 protocol discovered by the researchers has been tracked as:

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the four-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the four-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the four-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: reinstallation of the group key (GTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) while processing a Wireless Network Management (WNM) Sleep Mode Response frame.

The researchers discovered the vulnerabilities last year, but sent out notifications to several vendors on July 14, along with the United States Computer Emergency Readiness Team (US-CERT), who sent out a broad warning to hundreds of vendors on 28 August 2017.

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.

Related Articles

Back to top button