15 Sep
2014
15 Sep
'14
9:39 a.m.
On 9/15/14, coderman <coderman@gmail.com> wrote:
... every implementation of WPA2 that i have tested is vulnerable to an active downgrade to TKIP/RC4 while still being "WPA2" and still showing all signs of using strongest security settings.
yes, this attack does require knowing the WPA passphrase (PSK) and no i have not looked at WPA-Enterprise mode (EAP-*). yes, just looking for populated michael MIC authenticator fields is probably sufficient to alarm if you've configured WPA2 only. yes, this is all for now. :) best regards,