Comments (4)
In the PoC, the MITM attack is performed using a rogue AP which uses IP forwarding to use the rogue AP as an internet proxy.
I may be wrong, but seeing it like this means that the internal network (and intranet resources) isn't available to the attacker (because he cannot access the original AP, he still can blindly provide a fake router login page): therefore the password change cannot be sniffed but rather phished.
I'm happy to be proven wrong, though.
from krackattacks.
Most Wi-Fi routers allow plain HTTP connections to the administrative page.
Since it is possible with krackattacks to decrypt the wireless traffic, then it is possible that an attacker captured your access (i.e. username/password) to the admin page of the router.
Therefore, in terms of information security, all network traffic is considered potentially compromised until the patch is applied.
from krackattacks.
It's also possible that, with a MITM, the client is then compromised as an attack vector against the network segment(s) and/or router default password.
BTW, [router] devices should ship with randomized default (post-flash) passwords.
from krackattacks.
It's possible that the user is being attacked while changing the password. Then the attacker might be able to decrypt the HTTP request configuring the new password. While possible, likely rare in practice. What I wanted to highlight is that updating passwords is not the solution. Instead people should update devices. Though to be really sure (i.e. to defend against the above situation) you can change your password after updating devices.
Interestingly, updating the Wi-Fi password with a vulnerable device actually increases risks! It means the attacker has a new opportunity to try to decrypt the password.
I solved this issue by rewording the last sentence of the answer.
from krackattacks.