this post was submitted on 24 Sep 2024

I had this thought.

Many IoT devices, including local devices like printers, streaming boxes, cameras, etc., may be outdated.

Those may use Wi-Fi but only support WPA2, which can be easily cracked using Kali Linux, a kernel module integrated in Kali, and aircrack.

Many of these devices have an Ethernet or at least a USB jack. Ethernet will always work; USB over USB tethering should work often.

Couldn't you just use a tiny SBC, with a Wi-Fi antenna and support for WPA3, and serve the connection via Ethernet or USB to the device?

Like a small plug-in adapter.

Should be rock stable and update atomically and automatically (waiting for you, CentOS bootc, Alma bootc, Rocky Linux bootc).

Do you know if this exists or have some caveats in mind?
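A check one could run on the adapter described in the post above, as an added example that is not part of the original post: it assumes the SBC's Wi-Fi client is wpa_supplicant and audits its configuration so that no network block can still associate with WPA2. The sample configuration, SSIDs and passphrases are constructed.

```python
# Constructed sample wpa_supplicant.conf for the hypothetical bridge SBC.
SAMPLE_CONF = """\
pmf=1
network={
    ssid="home-wpa3"
    key_mgmt=SAE
    sae_password="constructed-example-passphrase"
    ieee80211w=2
}
network={
    ssid="home-transition"
    key_mgmt=SAE WPA-PSK
    psk="constructed-example-passphrase"
}
"""

def parse_conf(text):
    """Return (global_options, [network_options, ...]) from config text."""
    globals_, networks, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "network={":
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif "=" in line:
            key, value = line.split("=", 1)
            target = globals_ if current is None else current
            target[key.strip()] = value.strip().strip('"')
    return globals_, networks

def audit_wpa3_only(text):
    """List (ssid, finding) pairs for blocks that could still join with WPA2."""
    globals_, networks = parse_conf(text)
    default_pmf = globals_.get("pmf", "0")  # global default for ieee80211w
    findings = []
    for net in networks:
        ssid = net.get("ssid", "<no ssid>")
        # wpa_supplicant falls back to WPA-PSK/IEEE8021X when key_mgmt is unset.
        modes = net.get("key_mgmt", "WPA-PSK IEEE8021X").split()
        weak = [m for m in modes if m not in ("SAE", "FT-SAE")]
        if weak:
            findings.append((ssid, "key_mgmt allows " + ",".join(weak)))
        if net.get("ieee80211w", default_pmf) != "2":
            findings.append((ssid, "PMF not required (ieee80211w != 2)"))
    return findings
```

An empty result means every configured network is SAE-only with management frame protection required, which is what keeps the adapter from being steered onto a WPA2 or transition-mode network.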

top 5 comments
[–] [email protected] 6 points 3 weeks ago

Is the WPA2 specification actually broken? Or just various unpatched implementations of it? I thought many vendors patched against the KRACK attack.

[–] [email protected] 4 points 3 weeks ago (1 children)

WPA2 exploit has been mostly fixed for years now, and it’s only the router that’s affected. They just needed to implement some rate limiting on guessing WPA PINs. I stopped cracking a majority of routers this way 10 years ago or so. Only someone running a very outdated router at this point would be susceptible. Update your firmware, turn off WPA PIN access, enjoy.

[–] [email protected] 1 points 3 weeks ago (1 children)

Interesting, didn't know that!

[–] [email protected] 1 points 3 weeks ago

Ten, twelve years ago this exploit was the shit. I was in the military at the time and used Backtrack r5 lots while traveling around to get internet when I didn’t have access. All it has to do is guess a 4-digit code and a 3-digit code separately; once you hit success on the WPA PIN you get the SSID and password. Takes a couple hours if it’s not a default PIN IIRC. Coolest script kiddie thing I did since sending Sub7 to people back in the early 00s.

These days I don’t really bother. You might be able to pull it off on some really old hardware which does exist, but anyone who got a router in the past 6-8 years likely wouldn’t be susceptible. Might as well try exploiting your own router just to see.

[–] [email protected] 3 points 3 weeks ago

Seems doable - my first thought would be to use an ESP C6 that supports Wi-Fi 6 and WPA3, and I'm sure I've seen some people bit-bang Fast Ethernet from a microcontroller and bridge that to the Wi-Fi.

My main problem is that I have WPA2 IoT devices that don't have Ethernet ports, so they won't connect to my SSID which has 6 GHz enabled and thus is forced by my router manufacturer to be in WPA3-only mode.