(((WPA3)))

I hadn't been following (((WPA3))) development, but I recognized the all too familiar pattern as soon as I saw that article. Thanks for the background.

bump7

Yeah well some of us don't own our own router and internet service, I have to steal my neighbour's wifi to get online.

You don't even need handshakes anymore for plenty of routers, WPA2 personal is fucking fucked.
ZerBea released all the tools on GitHub.


HAPAS ARE SUPERIOR TO WHITES

Doesn't surprise me a bit.

Legal disclaimer. Some of what I'm going to reference might be illegal and this is for educational purposes only. You are a big boy and pull your own pants up so it's up to you to decide if you are going to follow applicable laws. If you have questions about the legality of some of the things mentioned look the shit up on Google. Some things that are legal in other parts of the world may not be legal where you live.

This does not surprise me at all. When I learned to audit wifi there were only a few types of attacks. But oh, let me count the ways.

WEP: replay packets continuously until you have 5000 and reconstruct shit for the password.
aircrack-ng.org/doku.php?id=simple_wep_crack

WPA: send a deauthentication frame to the client and collect the 4-way handshake. Run a dictionary attack against the handshake to recover the password. For bonus KEKs build a rainbow table. A precomputed table will continue to work against the same AP after the password has changed. You just need to collect a new handshake. Mitigation: change the ESSID (that's the name of your wifi for newfags) because WPA/WPA2 uses that as a salt.
aircrack-ng.org/
aircrack-ng.org/doku.php?id=deauthentication

PMK rainbow tables. I think the last time I did this was with GenPMK or Cowpatty or some shit like that.
rootsh3ll.com/rwsps-speeding-wpa2-psk-cracking-using-pre-generated-pmks-ch5pt1/

WPS PIN search. This is really easy to do and it doesn't take long because once you get half of the PIN it will tell you half of it is right and you just crack the other half, which is only like 10,000 possibilities. Mitigation: don't use WPS.
tools.kali.org/wireless-attacks/reaver

WPS Pixie dust attack. Because some routers use a pseudorandom number generator that isn't very random this attack just sends a single WPS PIN attempt then uses the reply to calculate the WPS PIN. Mitigation: Get a router that isn't a piece of shit.
hackingtutorials.org/wifi-hacking-tutorials/pixie-dust-attack-wps-in-kali-linux-with-reaver/

PMKID attack against WPA/WPA2. Easy mode. Requires tools that don't like to run on Ubuntu or Kali Linux. I've only seen this work in a video but there are tutorials for it. Requires a certain build of hashcat and some other shit. I had compatibility issues when I was trying this.
medium.com/@adam.toscher/new-attack-on-wpa-wpa2-using-pmkid-96c3119f7f99

KRACK Key Reinstallation Attack on WPA/WPA2
krackattacks.com/

How to get free wifi at a coffee shop where you only get a 3600 second IP lease and your IP is then banned.

ifconfig wlan0 down && macchanger -r wlan0 && ifconfig wlan0 up

Then just login again.

I'm sure by now there are some new attacks that I don't know about. So this vulnerability in WPA3 does not surprise me.

How to mitigate wifi attacks.

Choose a long password with extended characters like $%^&* in it. More than 10 characters and not something that is in a standard dictionary or is a common chemical name or an encyclopedia entry. Don't use something like your street name, your mother's maiden name, your first pet or other facebook tier security bullshit like that.

Change your password and your ESSID often. Don't use the stock ESSID like NETGEAR01 because chances are there are precomputed rainbow tables for factory ESSIDs for every fucking router you can think of.

Pro tip. Some routers can run on channel 13. Most clients won't scan for it. If you run on channel 13 most people don't even know your router is there unless they are scanning for it. This might not be legal in your jurisdiction. Check local laws before doing shit.

based

Or just set your router not to broadcast its SSID and use whatever security

This is why I stick with ethernet cables and did not install any wireless connections.

What's the alternative? 99% of WPA2 instances which exist in the wild are vulnerable to KRACK (because either too old to have even received patches, or nobody bothered with patching anyway), and within a few years it might go the WEP way (i.e. become trivial to bypass so as to become dysfunctional as what it was designed to be).