Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Easier to Crack WPA/WPA2 than Previously Thought
August 9, 2018
We already knew that WPA2 was susceptible to cracking (Krack Attack) last year. It's bad enough that WPA2 is vulnerable, but apparently it's much easier to compromise the encryption than previously thought. Security researcher and developer of the Hashcat password cracking tool Jens "Atom" Steube made the discovery of the vulnerability while trying to attack the new WPA3 security standard. Previously, the attacker had to wait for someone else to connect to the WPA2 in order to compromise the encryption. Not so.
Bleeping Computer details the steps needed to quickly compromise a WPA2 Wi-Fi network. Basically, you use the Hashcat password cracking tool to extract the RSN IE (Robust Security Network Information Element) from a single EAPOL frame. The end game is to get the Pre-Shared Key (PSK) of the wireless network, which will allow you access. The majority of users use the manufacturer's generated PSK value. In order to properly protect your wireless network it is important to create your own key rather than using the one generated by the router. In other words, change the defaults and use your own passphrase to generate the WPA2 key.
WPA3 can't come fast enough!
E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com