mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
fragattacks: tweaks to README and SUMMARY
This commit is contained in:
parent
68922c28f4
commit
8b48cf302c
@ -2,8 +2,9 @@
|
||||
|
||||
# 1. Introduction
|
||||
|
||||
The discovered vulnerabilities affect all Wi-Fi networks. The resulting attacks are identical against WPA2 and WPA3
|
||||
because their CCMP and GCMP encryption ciphers are identical.
|
||||
The discovered vulnerabilities affect all Wi-Fi networks. A short summary of all vulnerabilities can be
|
||||
found [here](SUMMARY.md), although we also recommend reading the [paper](fragattacks.pdf). The resulting
|
||||
attacks are identical against WPA2 and WPA3 because their CCMP and GCMP encryption ciphers are identical.
|
||||
|
||||
Older WPA networks by default use TKIP for encryption, and the applicability of the attacks against
|
||||
this cipher are discussed in the paper. To illustrate that Wi-Fi has been vulnerable since its creation,
|
||||
|
@ -26,7 +26,7 @@ This document contains a summary of the discovered vulnerabilities. Every bullet
|
||||
|
||||
- **Accepting plaintext data frames when connected to an encrypted network**: Vulnerable implementations accept plaintext (fragmented) frames when connected to an encrypted network. An adversary can abuse this to inject arbitrary packets independent of the network configuration.
|
||||
|
||||
- **Forwarding EAPOL frames even though the sender is not yet authenticated**: Vulnerable APs will forward EAPOL frames to other clients even though the sender has not yet authenticated. Although on its own this cannot be abused to attack the AP, it facilitates attacks against connected clients.
|
||||
- **Forwarding EAPOL frames even though the sender is not yet authenticated**: Vulnerable APs will forward EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. On its own this cannot be abused to attack the AP, but it does make it easier to exploit certain vulnerabilities in connected clients.
|
||||
|
||||
- **Not verifying the TKIP MIC of (fragmented) frames**: Vulnerable implementations do not verify the Message Integrity Check, i.e., authenticity, of (fragmented) TKIP frames. An adversary can abuse this to inject and possibly decrypt packets.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user