15 Sep
2014
15 Sep
'14
10:23 a.m.
On 9/15/14, coderman <coderman@gmail.com> wrote:
... yes, this is all for now. :)
i lied and one last clarification before day is done: why do you care if this assumes knowledge of the pairwise master key? a) my poc sucks; make a better one able to manipulate EAPOL frames without PMK! b) presumably still useful if client SNonce is missed (easier to hear loud access points than quiet clients behind more obstacles?) switch to WPA2-EAP-PWD, WPA2-EAP-TTLSv0|v1, WPA2-EAP-PEAP, anything other than PSK... i can't say for sure that WPA-Enterprise is immune to this attack, but it is certainly better in many respects regardless.