4

I have just read about a new weaknesses in the WPA2 protocol called KRACKs. The authors of the paper says that they will release scripts that can be used to test if a network is exploitable when they have time. I would like to test this against clients right now to detect vulnerable networks. Are there any third party scripts available for this yet?

https://www.krackattacks.com/

Many of our clients use Ubiquiti and they have already issued a fix that is supposed to work.

More info on that fix here:

https://community.ubnt.com/t5/UniFi-Wireless/KRACK-update/td-p/2099105

https://community.ubnt.com/t5/UniFi-Wireless-Beta/WPA2-Cracked/m-p/2098888#M56838

Ogglas
  • 677
  • 4
  • 12
  • 26
  • I'm voting to close this question because it essentially asks if seconds after the problem got known third parties have already released their own tools. Please calm down, follow the media reports and if any scripts will be released by others you can be sure that these will be covered in the media too. security.stackexchange.com has no secret knowledge. – Steffen Ullrich Oct 16 '17 at 09:37
  • 1
    @SteffenUllrich From the site `Although this paper is made public now, it was already submitted for review on 19 May 2017. After this, only minor changes were made. As a result, the findings in the paper are already several months old. In the meantime, we have found easier techniques to carry out our key reinstallation attack against the 4-way handshake.` Ubiquiti and other manufacturers have also released patches prior to disclosure so it is not seconds after and a reasonable amount of people have probably been working on this.. – Ogglas Oct 16 '17 at 09:46
  • As far as I know this was a closed review and only selected vendors where notified. The issue is only publicly known for a very short time and you can be pretty sure that the media will cover it in their reports if somebody releases a public test tool or exploit as was the case with Heartbleed, Shellshock and other prominent vulnerabilities. Don't expect that somebody hid their tool all the time and will only announce it on this site. – Steffen Ullrich Oct 16 '17 at 10:01
  • Looks like kismet has initial detection capabilities https://twitter.com/KismetWireless/status/919911322451632128 – Rory McCune Oct 16 '17 at 13:16
  • @RоryMcCune, the Kismet update is about detecting the *use* of the attack, which isn't quite the "scan for vulnerable systems" tool that's being asked for here. – Mark Oct 16 '17 at 21:37
  • true which is why I added a commment not an answer :) but it's the closest there is so far... – Rory McCune Oct 17 '17 at 08:46

0 Answers0