How the KRACK attack destroys nearly all Wi-Fi security

arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/

Key Reinstallation Attacks

krackattacks.com

There is a vulnerability in wpa_supplicant in Linux.

Does this mean wireless-client and WISP modes are also vulnerable due to unpatched KRACK?

And does this mean all the "plain text" traffic that goes through the targeted router can be compromised by a MitM attack?


Edit 1:

I edited to explain how my question differs from "Is it really possible for most enthusiasts to crack people's Wi-Fi networks?"

This question is more specific, on a single issue. However, if some or many feel a narrower one must be a "duplicate", they always have the right to see it and express it that way.

But I don't think that's healthy for the community as a whole.

Well, it may be just me after all.


Edit 2:

What if a KRACK-vulnerable client can lock onto a channel? Does it make a difference compared to a non-channel-locked client?

sandthorn
  • I am confused by what your question is exactly. Both of your questions are answered by the research on this particular attack. Can you edit your question and specify exactly what your question is? – Ramhound Oct 18 '17 at 18:26

1 Answer

Yes, any device that hasn’t been patched for KRACK, and that is acting as a Wi-Fi client, can have its wireless-layer encryption stripped off. Hopefully your favorite apps and websites are using encryption at higher layers, such as TLS.

But an attacker within radio range of your unpatched network could at least see the names of the websites you’re connecting to, because even TLS doesn’t hide that.

Spiff
  • What if clients who are vulnerable to KRACK can lock onto a "channel"? Are they still vulnerable versus non-channel-locked clients? – sandthorn Oct 19 '17 at 03:41
  • @sandthorn, yes they are still vulnerable. The channel difference was only used in the "proof of concept" code created by those who discovered the flaw initially. The KRACK exploit detailed in the paper does not require a change in channel, and a change in channel may not be present in future examples of how this exploit is used. – YLearn Oct 19 '17 at 04:34
  • @YLearn Is "https strip off" also possible without forcing a channel change? – sandthorn Oct 19 '17 at 04:51
  • @sandthorn, "https strip off" has nothing to do with KRACK. It is a well-established exploit used when one can perform a MitM attack. As such, yes, it is possible without forcing a channel change. – YLearn Oct 19 '17 at 04:53