|
|
Tool to Bypass WPA-TKIP to be Released Next Week - TechAmok
Tool to Bypass WPA-TKIP to be Released Next Week - [security]
06:11 AM EST - Nov,09 2008 - post a comment As I reported earlier, researchers have discovered a method that bypasses WPA encryption and will release the exploit tool next week. Fret not, for there are fixes you can use, such as switching to WPA2 or changing the WPA algorithm from TKIP to AES. Better check your Wi-Fi networks.
With the exploit tool in hand, hackers will be able break into networks that have WPA with TKIP encryption. TKIP is a predecessor of AES and was developed to overcome the flaw with WEP [Wired Equivalent Private] security. WPA is essentially WEP with a couple of fixes. The TKIP algorithm rotates keys between clients and access points after enough packets pass between them. By default, most routers on the market change the keys every couple of hours. The exploit takes advantage of this data flowing to and from access points and masquerades its packets by inserting its own and passing them to clients. The packet insertion bypasses the countermeasures used by routers can catch the malicious activity. From a computer's point of view, the data packets appear to belong to a legitimate access point. According to Farina, just seven packets are needed to gain access to a computer.
Researchers found it even easier to gain access to wireless networks that are using QoS [Quality of Service]. Networks that mix data and voice packets often rely on QoS to prioritize the voice data. However, data packets with QoS are rearranged in sequential order so that they travel faster and are received efficiently. The protection algorithm used by TKIP was relaxed to allow for QoS.
As the exploit tool gains access to a computer, hackers can easily inject new packets and install and execute tools such as Metasploit that can give them permanent access. Metasploit is a large toolkit for testing exploits and it uses well known exploits in its arsenal. Rick said, "With 2 or 3 packets you can fit most tools in the Metasploit toolkit," Farina said.
Because the exploit is specific, users simply need to change the WPA encryption to work with AES or change it to the much more hardened WPA2. If your router doesn't support WPA2, the best course of action is to shorten the timing of the TKIP in the routers, so that keys are refreshed every two minutes or less. The fast refresh makes it harder but not impossible for hackers to gain access. The best course of action, however, is to buy a new router that supports WPA2.
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Dec,27 2025 Samsung TriFold Durability Test: We found the limit Dec,26 2025 TRUST WALLET CONFIRMS SECURITY BREACH Dec,26 2025 Xiaomi 17 Ultra Leads And Samsung To Follow With A 10 Percent Price Dec,25 2025 Merry Christmas Gaming Insanity Dec,24 2025 Battlefield 6 - Official PS5 Features Trailer Dec,24 2025 NVIDIA GeForce Hotfix Driver 591.67 Released Dec,23 2025 Finally! A Battery That's Better Than Energizer and Duracell! Dec,22 2025 NVIDIA Killing Cheap 16GB Local AI GPUs? Dec,21 2025 Top 10 Movie Sequels of All Time Dec,21 2025 He Built a Privacy Tool. Now He's Going to Prison (Kone Rodriguez, Dec,20 2025 Insane Moves! B-Boy Shigekix vs. B-Boy Issin - Red Bull BC One World Dec,20 2025 9800X3D & RTX 5070 Ti Gaming PC - MSI Project Zero Done Right Dec,19 2025 The XG27AQWMG Sets a New Standard for 1440p OLED Dec,19 2025 OnePlus 15R Boasts Huge 7,400 mAh Battery Dec,19 2025 Motorola Refreshes moto g power for 2026 Dec,18 2025 NVIDIA GeForce 591.59 WHQL Driver Dec,18 2025 Are We Quitting YouTube Due To DRAM Apocalypse? Dec,16 2025 The Samsung TriFold is AWESOME! Dec,16 2025 $30 vs $30,000 TV Dec,16 2025 Stranger Things 5 - Volume 2 Trailer Dec,14 2025 Google Brings Live Video Sharing to 911 Calls on Android Dec,14 2025 Samsung One UI 8.5 Will Offer New Features Dec,14 2025 Dell AW3225QF Review - 32-inch curved gaming monitor Dec,13 2025 HW News - AMD Says AI Definitely, Absolutely Not A Bubble, New Dec,13 2025 The BEST Smartphones of 2025! Dec,11 2025 10 Atmospheric Games That Might CHANGE YOUR LIFE Dec,11 2025 Samsung Galaxy S26 Ultra - Samsung Isn't Hiding It Anymore Dec,10 2025 AMD Releases Adrenalin Edition 25.12.1 WHQL Drivers Dec,10 2025 S25 Ultra VS 17 Pro Max Dec,09 2025 All You Need Is Kill - Official Trailer Dec,09 2025 Why can’t you be NORMAL?!? Roasting Staff Setups Dec,09 2025 A Ryzen Cooling MONSTER - be quiet Silent Loop 3 Review Dec,07 2025 The Boys - Official Final Season Trailer Dec,06 2025 Unemployed in your 30's Dec,05 2025 Play Store Customers to Receive Automatic Payments from $700 Million Dec,05 2025 Google's Second Release of Android 16 Brings Smart Notifications Dec,05 2025 Netflix To Buy Warner Bros for $82.7 Billion Dec,03 2025 Micron to Exit Crucial Consumer Business, Ending Retail SSD and DRAM Dec,02 2025 Samsung Galaxy Z TriFold Unboxing! Nov,30 2025 Top 5 Best CPUs of 2025
>> News Archive <<
| |
|
