事件說明
Wi-Fi Security Standards Timeline
1997
802.11 Ratification -> Wired Equivalent Privacy(WEP)
2003
Wi-Fi Protected Access (WPA)
2004
Wi-Fi Protected Access ll
(WPA2)
2018
Wi-Fi Protected Access lll (WPA3)
Key Reinstallation Attacks
Breaking WPA2 by forcing nnonce reuse
four-way handshake sequence
source: http://www.wifi-professionals.com/wp-content/uploads/2019/01/4-WAY-handshake.png
WPA2 被破解影響
- credit card, password, chat message, images, mail are maybe hacked.
- due to Android use wpa_supplicant, android and base on linux device inference hardly
實作環境
- windows on PC
- AP
- Kali
- password
指令說明
- sudo su 開啟root
- airmon-ng 查看無線網路
- airmon-ng check 查看可能影響的程序
- airmon-ng check kill 將這些程序清掉
- airmon-ng
- airmon-ng start wlan0
- airodump-ng wlan0
- airodump-ng -w hack3 -c 6 –bssid {MAC} wlan0
防禦方式 留言
- use https
- do not use unknow Wi-Fi
- disable router mode
- update router configuration
