Theo Dõi Bài Viết

công cụ kiểm thử tấn công KRACK Attacks

This script tests if APs are affected by CVE-2017-13082 (KRACK attack). See  the KRACK attack website for details  and also read ...

This script tests if APs are affected by CVE-2017-13082 (KRACK attack). See the KRACK attack website for details and also read the research paper.
CVE-2017-13082: Key Reinstall in FT Handshake (802.11r)
Script Usage Instructions
apt-get install libnl-3-dev libnl-genl-3-dev pkg-config libssl-dev net-tools git sysfsutils python-scapy python-pycryptodome
git clone
[15:48:47] AP transmitted data using IV=5 (seq=4)
[15:48:47] IV reuse detected (IV=5, seq=4). AP is vulnerable!
Suggested Solution
Impact and Exploitation Details
Copyright 2017 Mathy Vanhoef

Access Points (APs) might contain a vulnerable implementation of the Fast BSS Transition (FT) handshake. More precisely, a retransmitted or replayed FT Reassociation Request may trick the AP into reinstalling the pairwise key. If the AP does not process retransmitted FT reassociation requests, or if it does not reinstall the pairwise key, it is not vulnerable. If it does reinstall the pairwise key, the effect is similar to the attack against the 4-way handshake, except that the AP instead of the client is now reinstalling a key. More precisely, the AP will subsequently reuse packet numbers when sending frames protected using TKIP, CCMP, or GCMP. This causes nonce reuse, voiding any security these encryption schemes are supposed to provide. Since the packet number is also used as a replay counter for received frames, frames sent towards the AP can also be replayed.
In contrast to the 4-way handshake and group key handshake, this is not an attack against the specification. That is, if the state machine as shown in Figure 13-15 of the 802.11-2016 standard is faithfully implemented, the AP will not reinstall the pairwise keys when receiving a retransmitted FT Reassociation Request. However, we found that many APs do process this frame and reinstall the pairwise key.

We created scripts to determine whether an implementation is vulnerable to any of our attacks. These scripts were tested on Kali Linux. To install the required dependencies on Kali, execute:
apt-get update
Remember to disable Wi-Fi in your network manager before using our scripts. After doing so, execute sudo rfkill unblock wifi so our scripts can still use Wi-Fi.
The included Linux script can be used to determine if an AP is vulnerable to our attack. The script contains detailed documentation on how to use it:
./ –help
Essentially, it wraps a normal wpa_supplicant client and will keep replaying the FT Reassociation Request (making the AP reinstall the PTK). We tested the script on a Kali Linux distribution using a USB WiFi dongle (a TP-Link WN722N v1).
Remember that this is not an attack script! You require credentials to the network in order to test if an access point is affected by the attack.
This tool may incorrectly say an AP is vulnerable to due benign retransmissions of data frames. However, we are already releasing this code because the script got leaked. Please run this script in an environment with low background noise. Benign retransmissions can be detected in the output of the script: if two data frames have the same seq (sequence number), it’s a benign retransmission. Example of such a benign retransmission:
[15:48:47] AP transmitted data using IV=5 (seq=4)
Here there was a benign retransmission of a data frame because both frames used the same sequence number (seq). This wrongly got detected as IV reuse. There is code to fix this ready, but merging those fixes may take some time.
If the implementation is vulnerable, the suggested fix is similar to the one of the 4-way handshake. That is, a boolean can be added such that the first FT Reassociation Requests installs the pairwise keys, but any retransmissions will skip key installation. Note that ideally the AP should still send a new FT Reassociation Response, even though it did not reinstall any keys.

Exploiting this vulnerability does not require a man-in-the-middle position! Instead, an adversary merely needs to capture a Fast BSS Transition handshake and save the FT Reassociation Request. Because this frame does not contain a replay counter, the adversary can replay it at any time (and arbitrarily many times). Each time the vulnerable AP receives the replayed frame, the pairwise key will be reinstalled. This attack is illustrated in Figure 9 of the paper.
An adversary can trigger FT handshakes at will as follows. First, if no other AP of the network is within range of the client, the adversary clones a real AP of this network next to the client using a wormhole attack (i.e. we forward all frames over the internet). The adversary then sends a BSS Transition Management Request to the client. This request commands to the client to roam to another AP. As a result, the client will perform an FT handshake to roam to the other AP.
The included network trace example-ft.pcapng is an example of the attack executed against Linux’s hostapd. When using the wireshark filter == 7e:62:5c:7a:cd:47, notice that packets 779 to 1127 all use the CCMP IV value 1. This was caused by malicious retransmissions of the FT reassociation request.




.:: Connect Trojan ::.,111,.htaccess,2,0-day,3,10000+ Latest Carding Dorks 2020 and 2021,1,2017,2,Add-on,16,Affiliate,1,Anotador,1,AutoIT,17,BackDoor,1,Bán Sách,13,banhangonline,1,Bảo Mật,192,Bất Động Sản Tại Tiền Giang,5,Bestsellers,13,Binder,1,blog,31,Blogger,4,Blogger Template,1,Botnet,3,Brute,1,Bug Bounty,1,Bypass,11,camera,1,ceh,1,Châu Tinh Trì,2,Checked,6,Chrome,21,Code,5,coin hive,1,Coin-Hive,2,CoinHive,1,Connect Trojan,342,Connect Trojan ::.,1,Cổ Tích,2,Crack,3,Crypto,5,CSRF,5,CSS,2,Cuộc Sống,1,Dau tu,8,DDoS,6,Designer,1,Dich vụ,1,DNS,4,Download,2,du-an,3,DVD LUMION Tiếng Việt của anh Dũng Già Pro,1,Đam Mỹ,1,điện,1,Đồ Họa,215,Đô Thị,16,,1,ebook,18,ebook free,295,eBook Phệ Hồn Nghịch Thiên,1,eBook Thịnh Thế Địch Phi,1,Encrypt,1,Encryption,1,epub,76,epub [Tiên hiệp],1,ET-Logger,1,exploit,23,Exploitation,1,Extractor,2,facebook,69,FireFox,15,Flood,2,Forensic,7,full prc,2,game,177,Gerador,3,Gerenciador,1,Get Root,3,GHDB,3,Giả Tưởng,1,giaitri,1,Google,15,H&Y Shop,2,Hacker,3,Hacking,16,Hacking and Security,6,Hacking Tools,36,Hành Động,3,He Thong Site Phim,25,Hijacking,6,Hình Sự,1,hivecoin.hive coin,1,Hỏi Xoáy Đáp Xoay Trên VTV3,1,HTML,1,Huyền Ảo,92,Hướng dẫn Internet cơ bản,1,IFTTT,703,Imgur,2,Infographic,1,Information Disclosure,1,Internet Explorer,3,IT News,39,J2TeaM,29,J2TeaM Tools,9,JavaScript,6,Javascript Injection,3,Juno_okyo's Blog,23,Khóa Học,61,Khóa Học kiếm tiền online với accesstrade,5,khoá học miễn phí,28,Khóa học Photoshop,19,Khóa học sử dụng mã độc và phòng chống mã độc,2,Khoa Huyễn,6,khuyến mãi,16,kiemhiep,9,Kiếm Hiệp,20,Kiếm Tiền MMO,39,kiếm tiền rút gọn link,1,KilerRat,1,Kinh Dị,24,Kinh Dị - Ma,4,Kinh Doanh,73,kinhdi,1,kinhdoanh,5,KRACK Attacks,1,Lãng mạn,1,lazada,1,Lắp đặt trọn gói camera tận nhà giá rẻ tại Gò Công,1,Lập trình,2,Lịch Sử,5,Linux,1,Local Attack,2,Logins/Cadastro,1,Lỗi Web,1,Lược Sử Hacker,2,Mã Giảm Giá,2,Mã Hóa,48,Malware,3,Master-Code,31,Máy Tính,1,Metasploit,2,Microsoft,4,mobile hacking,2,monero,1,Movie,25,MySQL,1,NEW PRODUCTS,19,NGHỆ THUẬT ẨN MÌNH,13,ngontinh,10,Ngôn Tình,151,nhà đất,1,Nhà Đất Gò Công,1,Nhân Vật Lịch Sử,2,Nhật Bản,1,Nhựt Trường Group,1,NjRat,5,Nước,1,open redirect,1,Oracle,1,Path Disclosure,2,pdf,76,Pen-Test,6,Pentest Box,9,Phan mem Internet,1,phanmem,23,phanmemdienthoai,3,phanmemmaytinh,10,phần mềm,12,Phim 18,2,Phim 2012,1,Phim 3D,1,Phim Âm Nhạc,2,Phim Bộ,39,Phim Chiến Tranh,5,Phim Dã Sử - Cổ Trang,6,Phim Đài Loan,6,Phim Đề Cử,4,Phim Hài Hước,26,Phim Hàn Quốc,33,Phim HD Chất Lượng Cao,5,Phim Hoạt Hình,2,Phim Hot,1,Phim Hồng Kông,20,Phim HQ,2,Phim Kinh Dị,8,Phim lẻ,4,Phim Mới 2011,2,Phim Mới 2012,1,Phim Mới 2015,1,Phim Nhật Bản,4,Phim SD,3,Phim Thái Lan,6,Phim Thần Thoại,4,Phim Tình Cảm,35,Phim Trung Quốc,37,Phim Truyền Hình,19,Phim Viễn Tưởng,1,Phim Võ Thuật,36,Phim Xã Hội Đen,1,Phishing,5,PHP,16,Plugin,1,Port,1,post mẫu,1,prc,77,Programming,15,Python,1,Quảng Cáo,1,rat,457,Recovery,3,Remote Code Execution,1,Remote Desktop,1,Reverse Engineering,6,review,3,rút gọn link,1,sach,49,Sách,39,Sách Nghệ Thuật Sống,12,sách nói,1,Sách Tâm Linh,1,Sách Tiếng Anh,2,sachiep,2,sachnoi,1,Sản Phẩm,1,Sắc Hiệp,16,Scam,1,Scanner,10,Security,66,SEO,5,share,1,Shell,5,shop,1,Social Engineering,4,Software,22,Source Unity,1,SQL injection,21,Sức Khỏe,1,Symlink,3,Tài Chính,1,Tài chính cá nhân,2,Tài Liệu,1,Tản mạn,7,Taudio,2,Tâm lý xã hội,1,tấn công,1,Testador,1,Thái Lan,2,Tham Khảo,3,thamkhao,11,them,1,Thiệp Cưới,1,Thiết Kế Web,33,Thời Trang,2,Thủ Thuật Hacking,53,Thuyết Minh,1,tienhiep,5,Tiên Hiệp,123,Tiểu Thuyết,94,tiki,3,TIL,8,Tin Tức,52,Tips,39,tool,3,Tool Hack,14,Tools,9,Tổng Hợp,1,Tricks,26,Trinh thám,1,trojan original,48,Trọng sinh,11,Trộm mộ,1,Trung Quốc,1,Truyện,3,Trương Định,110,Tu Chân,2,TUTORIALS,124,Twitter,1,Ung_Dung,4,Upload,1,usb,1,vanhoc,11,văn học,6,vBulletin,7,video,16,Vietsub,1,Việt Nam,4,Virus,4,Võ Thuật,3,Võng Du,5,Vulnerability,19,Web Developer,15,webmau,5,WHMCS,3,WiFi,2,wiki lỗi máy tinh,1,wiki lỗi NTG,3,Windows,12,WordPress,43,Write-up,11,XSS,16,Yahoo,1,yeah1offer,1,youtube,11,
NhutTruong.Com - Chia sẻ kiến thức miễn phí: công cụ kiểm thử tấn công KRACK Attacks
công cụ kiểm thử tấn công KRACK Attacks
NhutTruong.Com - Chia sẻ kiến thức miễn phí
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content