All your wireless belong to us - Hacker

Posted by EM MAJ_COM On Monday, November 13, 2017
If you haven't read the news about all WPA2 protocol is vulnerable.

CERT Coordination Center (CERT/CC) has released information on Wi-Fi Protected Access II (WPA2) protocol vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. The vulnerabilities are in the WPA2 protocol, not within individual WPA2 implementations, which means that all WPA2 wireless networking may be affected. Source: Vulnerability Note VU#228519

It is a vulnerability attacking all modern Wireless Access Point that use WPA2 protocol to exploit clients connected on the wireless network. Exploiting this vulnerability requires the following:
  • Programming skills to run against the key reinstallation attacks (Kracks), currently the proof of concept script is not (yet) available to the public.
  • The attacker needs to be close to the WAP, know the SSID which is broadcasting by default.
  • Clone the wireless network and create a rouge channel.
  • Forwarding traffic to the rouge wireless network.
  • Initiate the SSLStrip tool to bypass SSL, commonly known as https that you see on a secured website.
  • Use Wireshark tool or other network snipping tool to capture wireless network traffic. This will see all the data in plain text e.g. username and password.
  • And do whatever they want on a stolen user credentials.
As you can see, the actions must be completed by someone who know how to initiate the attack. It is not designed for script kiddies.
Continue reading at website.

Related Posts :

0 Response to "All your wireless belong to us - Hacker"

Post a Comment

First things first: Connect through one of the following social media tools below:
Enter your email address:
Subscribe to KING.NET by Email Web Hosting 24x7 Phone Support. The ultimate in performance, control, and convenience.

Get a Free Bitcoin - Domain Name Registration and DNS Management. - All about Pets.
Pet By OWner. Web Hosting, SSL, Email, DomainName, and Dedicated Server.
For Ad Campaign, please send email to Support[@] Thank you.