Hashcat Developer Discovers Simpler Way To Crack WPA2 Wireless Passwords

New submitter Woodmeister shares a report: While looking for ways to attack the new WPA3 security standard, Hashcat developer Jens "Atom" Steube found a simpler way to capture and crack access credentials protecting WPA and WPA2 wireless networks. The attacker needs to capture a single EAPOL frame after requesting it from the access point, extract the PMKID from it by dumping the recieved frame to a file, convert the captured data to a hash format accepted by Hashcat, and run Hashcat to crack it. Once that's done, the attacker has the Pre-Shared Key (PSK), i.e. the password, of the wireless network. Depending on the length and complexity of the password and the power of the cracking rig, that last step could take hours or days. "The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame," Steube explained. This makes the attack much easier to pull off, as the attacker doesn't depend on another user and on being in range of both the user and the access point at the exact moment when the user connects to the wireless network and the handshake takes place.

Re:Use good passwords

[Xenolith0]

MAC whitelists do NOTHING for security.

First, anyone who can sniff the wifi traffic can see all the mac addresses.
Second, in Linux you can change your MAC to whatever you want with one command:

ip link set dev enp0s3 address DE:AD:BE:EF:CA:FE

Re: Use good passwords

What i have at home is a faraday cage with the router and a comfy chair inside it.

Re: Use good passwords

What am I, a network administrator? Who's got time for that

I give them my neighbor's SSID and password, which I've cracked. Problem solved.