• Wi-Fi KRACK

    From Pequito@700:100/4 to All on Tue Oct 17 18:54:19 2017
    It's time to get patching again. Another widespread vulnerability affecting practically everyone and everything that uses Wi-Fi was revealed on Monday, allowing hackers to decrypt and potentially look at everything people are doing online.

    Researcher Mathy Vanhoef, from Belgian university KU Leuven, released information on his hack, dubbing it KRACK, for Key Reinstallation Attack. Vanhoef's description of the bug on his KRACK website is startling: "This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites."

    What's behind the vulnerability? It affects a core encryption protocol, Wi-Fi Protected Access 2 (WPA2), relied on by most Wi-Fi users to keep their web use hidden and secret from others. More specifically, the KRACK attack sees a hacker trick a victim into reinstalling an already-in-use key. Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the "handshakes" carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created. It turns out that in WPA2, it's possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted.

    The researchers, who said the attack was particularly severe for Android and Linux users, showed how devastating an attack could be in the demonstration video below:

    https://youtu.be/Oh4WURZoR98

    The attacks on Google's Android are made simpler by a coding error, where an attacker will know the key just by forcing a reinstallation. That's because the operating system uses what's known as an "all-zero encryption key" when the reinstallation is initiated, which is easier to intercept and use maliciously.

    --- Mystic BBS v1.12 A35 (Linux/32)
    * Origin: Twinkle BBS # (700:100/4)