|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Dragos Ruiu (dr
kyx.net)
Date: Fri Nov 07 2008 - 13:33:08 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 7-Nov-08, at 9:37 AM, Thierry Zoller wrote:
> WPA is not cracked, a way was found to brute TKIP.
Not quite exactly... The actual impact is unclear due to the
complicated exploitation mode.
And there are suggestions that it can be expanded upon...
The attack lets AP -> Client communications be decrypted, and a
hostile attacker can inject traffic.
Client -> AP communications are not threatened yet, AFAIK.
What can be done with this capability is still to be evaluated. The
complicated part comes in the
fact that part of this attack is cryptographic weakness, and part of
it is a protocol weakness.
It will take some more study before it is fully understood and the
full scope of impact is known IMHO.
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 12/13 2008 http://pacsec.jp
Vancouver, Canada March 16-20 2009 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]