Home page logo
/

dailydave logo Dailydave mailing list archives

Re: All Ur WiFi(WPA) R Belong 2 PacSec
From: "Raul Siles" <raul.siles () gmail com>
Date: Sun, 9 Nov 2008 00:52:02 +0100

The associated whitepaper from the authors has been released on the
aircrack-ng links page:
http://dl.aircrack-ng.org/breakingwepandwpa.pdf
--
Raul Siles
www.raulsiles.com

Early details: http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html


On Fri, Nov 7, 2008 at 5:41 PM, Stephen John Smoogen <smooge () gmail com> wrote:
On Fri, Nov 7, 2008 at 8:27 AM, Dave Aitel <dave () immunityinc com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This article has a good summary of the technique, for those not going
to Japan. While good work, it's not going to worry me if I have a WPA
network set up at home or as part of my business. At least, not yet
(and maybe not ever - we'll see :> ).

The other mitigating factors according to the article are:
 o It works like chopchop on small packets only
 o Busy networks might make it impractical
 o You can only send packets from the AP to the endpoints

http://arstechnica.com/articles/paedia/wpa-cracked.ars

Hmmm it would be interesting to see what kind of devices have a
higherlevel renegotiate .. as in I am told by the 'AP' that old WPA
key is no longer accepted but can you send in the clear or switch to
this new WPA key (or go to WEP or ROT13). Then you just set up your
directional attenae with a bigger generator and get everyone to start
talking to you outside the building versus inside.



--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]