What's new

KRACK WPA2 Vulnerability Exposed

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Great series of videos on the KRACK attack:


If you're confused about how this exactly works or why this is only client side patchable (though AP mitigations can be made), then I'd strongly recommending watching this series all the way through
 
Most access points including Asus routers and wireless access points do have modes where the asus device is a client.

Clients are the ones that have the biggest issue.

So routers/ap will need to patch their client modes.
 
Its 99.99% a client issue not an station AP issue.

Though if you use your router to connect to another router to extend range then its an issue.
 
Last edited by a moderator:
There is a really interesting Fast Transition (FT) handover (CVE-2017-13082) issue that is entirely an access point problem.

Basically a sniffing and mostly undetectable attacker can capture a ton of traffic with reused nonce with a single key violating principles of one-time pad crypto. Could do crypto-analysis on the captured data to possibly decrypt afterwards or do some weird attacks involving replaying stale data and messing with application layers that can't handle it properly.
 
Its 99.99% a client issue not a station AP issue.
Actually it is a "station" issue as station (STA) is the term typically used to describe a device being in client mode. As opposed to access point mode (AP) which is what a wireless router would usually be in.
 
Last edited by a moderator:
So if my novice self can understand: clients ie devices that use WiFi are the weak link in this hack not the routers themselves - unless they are used as a repeater 'device'. - True?
 
Its 99.99% a client issue not a station AP issue.

Though if you use your router to connect to another router to extend range then its an issue.

This is not correct, if you AP implements fast roaming 802.11r it is also vulnerable.
 
Last edited by a moderator:
Good news for all Android user who can install (or have already) the alternative firmware LineageOS (successor of CyanogenMod):

"All official 14.1 builds built after this tweet have been patched for KRACK."

Source: Twitter

So: Your phone will be save as soon as you get the next update from LineageOS! :cool:
 
Last edited:
This is not correct, if you AP implements fast roaming 802.11r it is also vulnerable.

okay, what does it mean if we are using asus routers? what option shall I turn off in any of my asus routers? as far as I know, the "Roaming assistant" is not 802.11r, so disabling it won't change anything. or am I wrong and this partial(?) implementation of 802.11r can be dangerous for us?
 
openwrt and lede have been pulling driver, wifi supplicants, and hostapd changes in over the past 24 hours (as of 8am pst, 10/17), so a fair amount of upstream effort has been happening.

Note - if building off the lede main, they recently rebased the toolchain on gcc 5.5.0 earlier this week, so it's going to be a long build process... line below will bring the current local dir to current.

git pull && ./scripts/feeds update -a && ./scripts/feeds install -a && make menuconfig

then to the build - make V=s
 
raspberry pi - jessie and stretch have updates online - use apt to bring things up to date.
 
Wireless drivers need patching too. I installed an update from Intel today to address CVE-2017-13080 and CVE-2017-13081 on my Thinkpad Yoga 15.

On Linux, `wpa_supplicant` is used to perform that handshake; it's been patched already on RHEL and CentOS at least. The drivers should not be vulnerable, as far as I understand it.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top