Community discussions

 
luciarakan
just joined
Topic Author
Posts: 1
Joined: Fri Oct 12, 2018 6:19 pm

WPA2 preshared key brute force attack

Fri Oct 12, 2018 6:25 pm

It has come to our attention that a new way of brute force attack based on WPA2 standard using PMKID has come to light.

This attack actually is a brute force attack on WPA2 preshared key. The reason this attack is considered effective is because it can be performed offline, without actually attempting to connect to AP, based on a single sniffed packet from a valid key exchange.

This problem is not a vulnerability, but a way how wireless AP password can be guessed in an easier way.

In order to mitigate this type of attack you should use strong password that is hard to brute force.

To eliminate possibility of this attack entirely you can use WPA-PSK (do not forget to use aes-ccm encryption!). WPA-PSK does not include the field that is used to verify the password in this attack.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1626
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: WPA2 preshared key brute force attack

Sun Oct 14, 2018 12:28 am

Real admins use real keyboards.
 
Sob
Forum Guru
Forum Guru
Posts: 3576
Joined: Mon Apr 20, 2009 9:11 pm

Re: WPA2 preshared key brute force attack

Sun Oct 14, 2018 1:21 am

@BartoszP: Whole post is copy & paste from WPA2 preshared key brute force attack (which is also almost identical to content of your link). Could be just another spammer moving in.

Who is online

Users browsing this forum: No registered users and 22 guests