Sitemap
ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Member-only story

The Beginning of the End of WPA-2 — Cracking WPA-2 Just Got a Whole Lot Easier

--

It has been known for a while that WPA-2 (802.11i) has some fundamental security problems, and that these have thus led to the creation of WPA-3. A core problem is around the 4-way handshake, and here is me cracking WPA-2 by listening to the handshake with just a Raspberry PI and a $10 wi-fi transceiver:

For this I needed to capture the communication of the 4-way handshake, and then crack a PBKDF2-SHA1 hashed value. If a weak password is used, it is normally fairly inexpensive to crack the hash and gain access to the network.

As PBKDF2 is a slow hashing method, it will be costly to crack fairly complex passwords with brute force. Typically when using Hashcat, we focus on a range of rules which considerably improves the chances of success, such placing a digit at the end or making the first character an upper case one.

But recently things got even easier, as a Hashcat developer — Jens “Atom” Steube —who has found a way to crack the network without the involvement of the 4-way handshake. With this an attacker sends a single EAPOL frame to the access point. They then get back the PMK (Pairwise Master Key) and use Hashcat to generate the Pre-Shared Key (PSK). With a…

--

--

ASecuritySite: When Bob Met Alice
ASecuritySite: When Bob Met Alice

Published in ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Prof Bill Buchanan OBE FRSE
Prof Bill Buchanan OBE FRSE

Written by Prof Bill Buchanan OBE FRSE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.

Responses (5)