Hole196: WPA2 vulnerability, following the webinar
On August 4, a webinar on the WPA2 encryption for WiFi networks Hole196 vulnerability was held. This vulnerability was first reported during the Black Hat 2010 conference in Las Vegas in July of this 2010. 
The basis for vulnerability. In the case of WPA2 encryption, a successfully authenticated client receives a key for unidirectional data transfer and a key for broadcast data (GTK). Encryption of the broadcast stream is built so that it is impossible to determine the substitution of the sender's mac address (see page 196 of the IEEE 802.11 standard ). The page number of the standard gave the name for the vulnerability.
The webinar speakers suggested 2 ways to exploit the vulnerability:
')
Method one. A successful network client sends a broadcast ARP request stating that it is the default gateway. As a result, other clients on the network will send their traffic to him and not to the host that was the gateway earlier.
What about encryption? It's simple. Each of the clients, as before, will send an encrypted stream to the access point, which, in turn, will decrypt it and send it to the forged gateway.
A gateway can be a node on a wireless network and a node on a wired network.
The second way. Attack on denial of service. The attacker sends a lot of broadcast packets than blocking work on the network.
The measures proposed by the authors of the discovery:
- Remove WPA2 from GTK and encrypt broadcast transmissions as unidirectional;
- Use their wonderful software to identify attacks;
The authors transparently hint that WPA2 should guarantee the isolation of the data stream by encrypting not only from the outside world but also from its neighbors in the network.
What I want to mention as a resume.
1.To carry out criminal activities you need to be able to connect to the network.
2. Attributes used when connecting to other clients (passwords, certificates) remain unknown.
3. The same can be done simply by connecting to the wire behind the access point.
In my opinion, the protocol could not be opened. The ability to pretend to be the default gateway has long been known, and it can be eliminated anyway. Hints on the guarantee of isolation of neighbors on the network are more like speculation, especially since after an access point, the data streams from all clients are decrypted and merged into one.
Those interested can watch and listen to the webinar recording link
https://m2l.market2lead.com/wt/lt.do?m2lc=1209453900-54-1216016214 .
The basis for vulnerability. In the case of WPA2 encryption, a successfully authenticated client receives a key for unidirectional data transfer and a key for broadcast data (GTK). Encryption of the broadcast stream is built so that it is impossible to determine the substitution of the sender's mac address (see page 196 of the IEEE 802.11 standard ). The page number of the standard gave the name for the vulnerability.
The webinar speakers suggested 2 ways to exploit the vulnerability:
')
Method one. A successful network client sends a broadcast ARP request stating that it is the default gateway. As a result, other clients on the network will send their traffic to him and not to the host that was the gateway earlier.
What about encryption? It's simple. Each of the clients, as before, will send an encrypted stream to the access point, which, in turn, will decrypt it and send it to the forged gateway.
A gateway can be a node on a wireless network and a node on a wired network.
The second way. Attack on denial of service. The attacker sends a lot of broadcast packets than blocking work on the network.
The measures proposed by the authors of the discovery:
- Remove WPA2 from GTK and encrypt broadcast transmissions as unidirectional;
- Use their wonderful software to identify attacks;
The authors transparently hint that WPA2 should guarantee the isolation of the data stream by encrypting not only from the outside world but also from its neighbors in the network.
What I want to mention as a resume.
1.To carry out criminal activities you need to be able to connect to the network.
2. Attributes used when connecting to other clients (passwords, certificates) remain unknown.
3. The same can be done simply by connecting to the wire behind the access point.
In my opinion, the protocol could not be opened. The ability to pretend to be the default gateway has long been known, and it can be eliminated anyway. Hints on the guarantee of isolation of neighbors on the network are more like speculation, especially since after an access point, the data streams from all clients are decrypted and merged into one.
Those interested can watch and listen to the webinar recording link
https://m2l.market2lead.com/wt/lt.do?m2lc=1209453900-54-1216016214 .
Source: https://habr.com/ru/post/101571/
All Articles