Just a quick note to let you know that two Japanese scientists (from Hiroshima and Kobe Universities) have found a practical way to crack WPA TKIP in about one minute, using a technique called “Beck-Tews”. This technique is not new: it was discovered by some Germans back in November, but it was somewhat limited in use (QoS was required, and it took about 15 minutes to crack the key).
Now, this limitation has been broken by combining a man-in-the-middle (MITM) setup with a new algorithm for applying the technique.
Their findings can be downloaded from http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf
I guess it’s time to migrate to WPA2 (which has been supported on Wi-Fi devices since 2006) AND never consider any wireless network as trusted… I always recommend using a VPN on top of wireless networks, just to be safe & sure 🙂
Other links:
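To support the migration, here is an added example (not part of the original post): a small Python audit that reads text in the layout printed by `iw dev <iface> scan` and flags access points that still offer TKIP, including WPA2 networks left in mixed mode. The scan text, MAC addresses and SSIDs are constructed sample data.

```python
import re

# Constructed sample in the layout printed by `iw dev <iface> scan` (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
    SSID: legacy-office
    WPA:     * Version: 1
         * Group cipher: TKIP
         * Pairwise ciphers: TKIP
         * Authentication suites: PSK
BSS 02:00:00:00:00:02(on wlan0)
    SSID: mixed-mode
    RSN:     * Version: 1
         * Group cipher: TKIP
         * Pairwise ciphers: CCMP TKIP
         * Authentication suites: PSK
BSS 02:00:00:00:00:03(on wlan0)
    SSID: wpa2-only
    RSN:     * Version: 1
         * Group cipher: CCMP
         * Pairwise ciphers: CCMP
         * Authentication suites: PSK
"""

def audit_scan(text):
    """Return {ssid: verdict} for every BSS block in the scan text."""
    results = {}
    # Each access point starts with a line beginning "BSS <mac>".
    for block in re.split(r"(?m)^(?=BSS )", text):
        ssid = re.search(r"(?m)^\s*SSID: (.*)$", block)
        if not ssid:
            continue
        # Collect every cipher named on a group or pairwise cipher line.
        ciphers = set()
        for line in re.findall(r"(?:Group cipher|Pairwise ciphers): (.*)", block):
            ciphers.update(line.split())
        has_wpa1 = re.search(r"(?m)^\s*WPA:", block) is not None
        if "TKIP" in ciphers:
            verdict = "TKIP offered" + (" (WPA1)" if has_wpa1 else " (WPA2 mixed mode)")
        elif ciphers:
            verdict = "ok"
        else:
            verdict = "no WPA/RSN element"
        results[ssid.group(1).strip()] = verdict
    return results

if __name__ == "__main__":
    for name, verdict in audit_scan(SAMPLE_SCAN).items():
        print(f"{name}: {verdict}")
```

A network reported as "WPA2 mixed mode" still accepts TKIP, so moving to WPA2 only helps once the access point is set to CCMP (AES) only.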
http://www.net-security.org/secworld.php?id=7962
http://isc.sans.org/diary.html?storyid=7027&rss
© Corelan Consulting BV. All rights reserved. The contents of this page may not be reproduced, redistributed, or republished, in whole or in part, for commercial or non-commercial purposes without prior written permission from Corelan Consulting bv. See our Terms of Use & Privacy Policy (https://www.corelan.be/index.php/legal) for more details.
Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education—helping security professionals understand not just how exploits work, but why.