FragAttacks – a series of vulnerabilities in Wi-Fi standards and implementations

Mathy Vanhoef, the author of the KRACK attack on wireless networks, has disclosed information about 12 vulnerabilities affecting various wireless devices. The identified problems are presented under the code name FragAttacks and cover almost all wireless cards and access points in everyday use: of the 75 devices tested, each is subject to at least one of the proposed attack methods.

The problems are divided into two categories: 3 vulnerabilities were identified directly in the Wi-Fi standards and affect all devices that support the current IEEE 802.11 standards (the problems can be traced back to 1997). 9 vulnerabilities relate to errors and flaws in specific implementations of wireless stacks. The second category poses the main danger, since attacks on the flaws in the standards require specific settings or the victim performing certain actions. All the vulnerabilities manifest regardless of which protocols are used to secure Wi-Fi, including WPA3.

Most of the identified attack methods allow an attacker to inject L2 frames into a protected network, which makes it possible to wedge into the victim's traffic. The most realistic attack scenario mentioned is spoofing DNS replies to direct the user to the attacker's host. An example is also given of using the vulnerabilities to bypass the address translator on a wireless router and gain direct access to a device on the local network, or to bypass firewall restrictions. The second group of vulnerabilities, which is associated with the processing of fragmented frames, makes it possible to extract data about traffic in the wireless network and intercept user data transmitted without encryption.

The researcher prepared a demonstration showing how the vulnerabilities can be used to intercept a password transmitted when accessing a site over HTTP without encryption, and how a smart plug controlled over Wi-Fi can be used as a foothold to continue the attack on non-updated devices on the local network that have unpatched vulnerabilities (in particular, control was gained over a computer running Windows 7).



To exploit the vulnerabilities, the attacker must be within range of the target wireless network in order to send the victim a specially crafted set of frames. The problems affect both client devices and wireless cards, as well as access points and Wi-Fi routers. As a general workaround, it is enough to use HTTPS in combination with DNS traffic encryption using DNS over TLS or DNS over HTTPS. A VPN can also be used for protection.
