Rich Freeman on 16 Oct 2017 08:23:14 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wpa2 oops


On Mon, Oct 16, 2017 at 6:13 AM, KP <kperry@daotechnologies.com> wrote:
> On October 16, 2017 8:37:04 AM EDT, Rich Freeman <r-plug@thefreemanclan.net>
> wrote:
>>
>>
>> The one question I have about this is whether somebody can use this
>> attack to connect to an AP.  That is actually my biggest concern -
>> somebody connecting to my home WiFi and now they're free to attack
>> random hosts (some more secure than others), and also to send
>> heaven-knows-what to the internet at large with my door being the one
>> the FBI kicks down at 2AM.
>
> I'm still digging through the early talk on this but the short answer is yes
> and an attack tool is up on git.
>
> Here's another link...
>
> https://www.google.com/amp/s/arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/%3Famp=1
>

I don't see anything in that article about connecting to an AP.  I see
plenty of talk about reading the data going through two connected
devices, and TCP connection hijacking, but not WiFi connection
hijacking.

From what I've seen so far they can see what is going on in a
connection, and manipulate data going through it, but they can't
actually connect to the AP directly and just send arbitrary traffic
through it.  However, that could just be a lack of detail.

Put another way - my phone is connected via WPA2.  You can
receive/transmit whatever you want with both hosts.  I power off my
phone.  Can you now open a TCP connection to an arbitrary host when I
have no legitimate devices on the network, though you did have the
ability to interact with legitimate devices earlier?  Or are you
limited to just tampering with traffic passed by a legitimate host?

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug