PMKID Vulnerability Proof of Concept - WPA/WPA2-PSK and 802.11r скачать в хорошем качестве

PMKID Vulnerability Proof of Concept - WPA/WPA2-PSK and 802.11r

On August 4th, 2018, a new method to exploit a known vulnerability was announced for wireless networks that use WPA/WPA2-PSK (pre-shared key). The vulnerability allows attackers to obtain the PSK being used for the particular SSID. The vulnerability affects most wireless vendors using roaming technologies. SSIDs using PSK have traditionally not been considered as secure since the PSK used for different clients is the same and dictionary attacks can be used to crack passwords easily. PSK is also prone to social engineering attacks. It is recommended that customers check their networks to ensure that fast roaming technologies are disabled. As part of the attack, an attacker can target the reassociation process to obtain the unique primary key ID used for the specific client. The primary key ID is derived from primary key (a function of PSK) and name, AP MAC and client MAC. Since primary key is derived from PSK and other details can be easily obtained, an attacker can obtain the key. This attack uses a dictionary attack to determine the PSK being used and hence, it is highly recommended to use strong passwords that are not susceptible to guessing attempts. Read full documentation at https://documentation.meraki.com/MR/Other_...