Wireless Security
Re: [Dailydave] All Ur WiFi(WPA) R Belong 2 PacSec Nov 08 2008 11:52PM
Raul Siles (raul siles gmail com) (1 replies)
The associated whitepaper from the authors has been released on the
aircrack-ng links page:
http://dl.aircrack-ng.org/breakingwepandwpa.pdf
--
Raul Siles
www.raulsiles.com

Early details: http://radajo.blogspot.com/2008/11/wpatkip-chopchop-attack.html

On Fri, Nov 7, 2008 at 5:41 PM, Stephen John Smoogen <smooge (at) gmail (dot) com [email concealed]> wrote:
> On Fri, Nov 7, 2008 at 8:27 AM, Dave Aitel <dave (at) immunityinc (dot) com [email concealed]> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> This article has a good summary of the technique, for those not going
>> to Japan. While good work, it's not going to worry me if I have a WPA
>> network set up at home or as part of my business. At least, not yet
>> (and maybe not ever - we'll see :> ).
>>
>> The other mitigating factors according to the article are:
>> o It works like chopchop on small packets only
>> o Busy networks might make it impractical
>> o You can only send packets from the AP to the endpoints
>>
>> http://arstechnica.com/articles/paedia/wpa-cracked.ars
>
> Hmmm it would be interesting to see what kind of devices have a
> higherlevel renegotiate .. as in I am told by the 'AP' that old WPA
> key is no longer accepted but can you send in the clear or switch to
> this new WPA key (or go to WEP or ROT13). Then you just set up your
> directional attenae with a bigger generator and get everyone to start
> talking to you outside the building versus inside.
>
>
>
> --
> Stephen J Smoogen. -- BSD/GNU/Linux
> How far that little candle throws his beams! So shines a good deed
> in a naughty world. = Shakespeare. "The Merchant of Venice"
> _______________________________________________
> Dailydave mailing list
> Dailydave (at) lists.immunitysec (dot) com [email concealed]
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>

[ reply ]
Re: [Dailydave] All Ur WiFi(WPA) R Belong 2 PacSec Nov 09 2008 10:14PM
Cedric Blancher (blancher cartel-securite fr)


 

Privacy Statement
Copyright 2010, SecurityFocus