sebsauvage.net

Ce site n'est pas le site officiel.
C'est un blog automatisé qui réplique les articles automatiquement

KRACK Attacks: Breaking WPA2

Monday 16 October 2017 at 13:24

Bon alors voilà, une bonne grosse faille sur WPA2, le standard qui sert à protéger/chiffrer le WiFi.
Et visiblement, tout le monde est concerné: « The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. »
Pas rassurant.

Résumé de la faille: (https://mastodon.social/@krypteia/98838905274377087)
« * 4-way handshake nonce reuse attack
* does NOT allow recovery of WIFI password or 4-way handshake negotiated encryption key (except for linux/android which can be tricked into using all-zero encryption key--lolz)
* does allow the attacker to preform a full MITM attack on a Wi-Fi connected client
* no access point patch can fix this, EVERY client device that connects to WiFi needs to be patched »

:-(

EDIT: Explication (et vulgarisation) de la faille en français: http://beta.hackndo.com/krack/
(Permalink)

Source: https://www.krackattacks.com/