|
|
Tool to Bypass WPA-TKIP to be Released Next Week - TechAmok
Tool to Bypass WPA-TKIP to be Released Next Week - [security]
06:11 AM EST - Nov,09 2008 - post a comment As I reported earlier, researchers have discovered a method that bypasses WPA encryption and will release the exploit tool next week. Fret not, for there are fixes you can use, such as switching to WPA2 or changing the WPA algorithm from TKIP to AES. Better check your Wi-Fi networks.
With the exploit tool in hand, hackers will be able break into networks that have WPA with TKIP encryption. TKIP is a predecessor of AES and was developed to overcome the flaw with WEP [Wired Equivalent Private] security. WPA is essentially WEP with a couple of fixes. The TKIP algorithm rotates keys between clients and access points after enough packets pass between them. By default, most routers on the market change the keys every couple of hours. The exploit takes advantage of this data flowing to and from access points and masquerades its packets by inserting its own and passing them to clients. The packet insertion bypasses the countermeasures used by routers can catch the malicious activity. From a computer's point of view, the data packets appear to belong to a legitimate access point. According to Farina, just seven packets are needed to gain access to a computer.
Researchers found it even easier to gain access to wireless networks that are using QoS [Quality of Service]. Networks that mix data and voice packets often rely on QoS to prioritize the voice data. However, data packets with QoS are rearranged in sequential order so that they travel faster and are received efficiently. The protection algorithm used by TKIP was relaxed to allow for QoS.
As the exploit tool gains access to a computer, hackers can easily inject new packets and install and execute tools such as Metasploit that can give them permanent access. Metasploit is a large toolkit for testing exploits and it uses well known exploits in its arsenal. Rick said, "With 2 or 3 packets you can fit most tools in the Metasploit toolkit," Farina said.
Because the exploit is specific, users simply need to change the WPA encryption to work with AES or change it to the much more hardened WPA2. If your router doesn't support WPA2, the best course of action is to shorten the timing of the TKIP in the routers, so that keys are refreshed every two minutes or less. The fast refresh makes it harder but not impossible for hackers to gain access. The best course of action, however, is to buy a new router that supports WPA2.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Oct,25 2025 New Big Windows 11 25H2 October Update - New Taskbar Battery Icons Oct,25 2025 Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party Oct,24 2025 HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel Oct,21 2025 Retro Gaming PC Upgrades go WRONG! Oct,21 2025 How social media has ruined us - the more time you spend online, the Oct,20 2025 FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN Oct,20 2025 ROG Xbox Ally X - a PC Gamer's Perspective Oct,20 2025 Race Highlights | 2025 United States Grand Prix Oct,18 2025 RedMagic Puts Liquid Cooling in its New Gaming Phone Oct,18 2025 Russia Says U.S. Is Planning a $37 Trillion Crypto Reset Oct,18 2025 Tor Browser says no to Firefox's AI features as it removes them Oct,14 2025 NVIDIA GeForce 581.57 WHQL Driver Oct,13 2025 Samsung One UI 8.5 vs iOS 26 - COMPARISON Oct,12 2025 Google Turned Down by Supreme Court, Must Open up App Payments Oct,10 2025 AMD releases new 25.10.1 preview graphics driver with Battlefield 6 Oct,10 2025 MERCY Official Trailer (2026) Chris Pratt Oct,07 2025 Galaxy S26 Ultra - Samsung, Please Don't Copy This Oct,06 2025 Canada's Las Vegas Sphere is here - and I game on it Oct,06 2025 Predator: Badlands - Official Final Trailer (2025) Oct,04 2025 Chasing a Gaming World Record Oct,02 2025 Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar Oct,02 2025 iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra Sep,30 2025 iOS 26.0.1 is Out! - What's New? Sep,30 2025 NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h Sep,29 2025 Samsung One UI 8.5 Hands on - I Was Wrong Sep,28 2025 iPhone Air Teardown - What is 3D Printed Titanium? Sep,28 2025 Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T Sep,27 2025 The Astronaut - Official Trailer (2025) Kate Mara, Laurence Sep,25 2025 iPhone 17 Durability Test -- What Scratches are Permanent? Sep,23 2025 iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! Sep,21 2025 Race Highlights: A Swing In The Drivers' Title Fight? | 2025 Sep,21 2025 BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record Sep,21 2025 I'm FIRST to Unbox The World's Biggest TV Sep,21 2025 Samsung Begins Rollout of Android 16 to Rest of Lineup Sep,21 2025 iOS 26 Now Available, with Visual Intelligence Sep,21 2025 Apple's iPhone 17 Series is Nearly Hack-Proof Sep,21 2025 Qualifying Highlights - 2025 Azerbaijan Grand Prix Sep,20 2025 iPhone 17 Pro vs Samsung S25 Ultra Camera Comparison! Sep,20 2025 iPhone Air Durability test -- I AM SHOCKED Sep,15 2025 Microsoft warns Office 2016/2019 users to switch to the cloud as
>> News Archive <<
| |
|
