It just got easier to crawl the password for your network
It just got easier to crawl the password for your network
Share onIn any case, if you are using WPA2-PSK.
Developers of the Hashcat password scraping tool claim that they have found a new way to use cracker network passwords. This method is additionally faster than other similar methods.
In any case, if you are using WPA2-PSK.
Developers of the Hashcat password scraping tool claim that they have found a new way to use cracker network passwords. This method is additionally faster than other similar methods.
One data packet
The new technology implies that the user only needs to sniff up a single data packet from a wireless network in order to destroy the Force-Decrypter WiFi password.
Previously, one had to wait for someone logged in to the network before catching up with the four-way handshake process used to authenticate users with access points. This was then used to brute-force-search the password of the network. With the new technique, the attack is made against the RSN IE to a single EAPOL frame.
Can restore WPA2 PSK key
This technique works with WPA and WPA2-secured networks where PMKID-based roaming features are enabled. If the attack is successful, the attacker could recover the WPA2 PSK key.
"This method was discovered by chance while trying out new ways to attack the WPA3 standard," said Jens Steube, one of the developers behind Hashcat for The Register.
Done in less time than other methods
His team found that when the attacker has RNS IE information, the PMKID can be extracted using packet capture tools. Then, the PMKID becomes a brute force decrypted using Hashcat. This can often be done in less than ten minutes. If the WPA2-PSK key is hard to guess (over 20 characters, upper and lowercase letters, special characters, etc.), the process will be difficult to implement. The method will not work with WPA2-EAP.
Steube said that the attack method is ideal because you can get in much less time since you do not need information from other users or devices - only the information that the router itself sends to all users.
In conclusion, he said he believes that the method can only be used against routers using the IEEE 802.11i/p/q/r protocols with roaming features enabled.