Nyowani yeWiFi yechokwadi kusakwana kwakaonekwa muLinux 

DarkcriztUpdated on

4 maminitsi

WiFi Vulnerabilities

Kusagadzikana kunokanganisa Android, ChromeOS uye Linux zvishandiso zvinobatana neWiFi network

Munguva pfupi yapfuura nhau dzakabvarura izvo Huviri hutsva hwekusagadzikana hwakaonekwa muLinux yakavhurwa sosi Wifi software mapakeji izvo zvinobvumira vanorwisa kuti vanyengedze vakakuvadzwa kuti vabatanidze kune akaumbwa network (FakeAP kutevedzera yekutanga) uye kubata traffic yavo.

Kusagadzikana kwakawanikwa kwakaonekwa mumapakeji IWD (Intel inet Wireless Daemon) uye wpa_supplicant, iyo inoshandiswa kubata kubatana kweLinux mutengi masisitimu kune isina waya network.

Chimiro cheutera - Mbiri mbiri dzechokwadi dzekupfuura kurwiswa pane yemazuva ano WPA2/3 network: imwe inopesana nevashandisi iyo inobatana ne Enterprise WiFi uye mumwe achipikisa iripo kumba WiFi network .

Zvazvinoita:

wpa_supplicant: Inobvumira munhu anorwisa kuti anyengere munhu akabatwa kuti abatanidze kune yakaipa clone yebhizinesi reWiFi network uye obva abata traffic yayo.

IWD: Inobvumira muvengi kuti awane mukana usina mvumo kune yakachengetedzwa yeWiFi network, ichifumura vashandisi varipo uye zvishandiso kurwisa.

Munyaya ye IWD, kusagadzikana (yakanyorwa pasi peCVE-2023-52161) inozviratidza chete kana nzira yekusvika painogoneswa, iyo isiri yakajairwa gadziriso yeIWD, yakagadzirirwa kunyanya kubatana kune isina waya network. Kusagadzikana uku inokutendera kuti ubatanidze kune yakasikwa yekupinda nzvimbo usingade kuziva password, semuenzaniso, kana mushandisi achipa mukana kune network kuburikidza nemudziyo wavo (hotspot).

Izvo zvinotaurwa kuti kushomeka kunobva mukutadza kuona kurongeka kwematanho panguva yekutaurirana isina waya. Iyi nhaurirano yakavakirwa pane 4-nhanho yekutaurirana chiteshi paunotanga kubatana kune yakachengeteka isina waya network. Dambudziko nderekuti IWD inogamuchira mameseji kune chero nhanho yenhaurirano iyi pasina kutarisa kana nhanho yapfuura yapera.

Semuyenzaniso, munhu anorwisa anogona kusvetuka kutumira meseji yedanho rechipiri obva atumira meseji yedanho rechina, nekudaro achinzvenga nhanho inosimbiswa. Paunenge uchigadzirisa iyi nhanho yechina meseji isina kunyatso simbisa, kiyi yePTK inoiswa kune zero. Neizvi, munhu anorwisa anogona kuverenga iyo MIC (Message Integrity Code) kodhi achishandisa null PTK, uye IWD inobvuma iyi kodhi yekuzivisa seinoshanda.

Nekuda kweizvozvo, anorwisa anopedzisa iyi chikamu chekubatanidza nhaurirano uye anowana mukana wakazara kune isina waya network, sezvo nzvimbo yekupinda ichizogamuchira chero mafuremu ayo anotumira akavharidzirwa nekiyi isina PTK. Zvakakodzera kutaura kuti dambudziko iri raive yakagadziriswa muIWD vhezheni 2.14.

Kune rumwe rutivi, wpa_supplicant vulnerability (CVE-2023-52160) inobvumira anorwisa kukwezva mushandisi. kune fictitious wireless network, ichiita se clone yetiweki iyo mushandisi anoda kubatanidza. Mhosva iyi mukushandiswa kwePEAP protocol inobvumira anorwisa kudarika nhanho yechipiri yehuchokwadi kana achibatanidza zvisirizvo mushandisi mudziyo, zvichiita kuti zvive nyore kugadzira fake clone yeWi-Fi network yakavimbika. Nyaya iyi inobata network ine WPA2-Enterprise kana WPA3-Enterprise inoshandisa PEAP protocol.

Nezvekusagadzikana uku, kunotaurwa kuti kuti ubudirire kuita kurwisa wpa_supplicant, mamwe mamiriro anofanira kutanga asangana:

  1. Server TLS certificate verification yakadzimwa: Mushandisi anofanira kudzima server TLS chitupa chekuongorora mune yavo wpa_supplicant marongero. Uku kugadziridzwa kune njodzi kunobvumira anorwisa kuti anyengedze mutengi kuti abatanidze kune fake network.
  2. Kuziva kweSSID yeiyo cloned network: Anorwisa anofanira kuziva iyo isina waya network identifier (SSID) yeiyo cloned network. Izvi zvinobvumira anorwisa kuti amise network yenhema inotevedzera network yepamutemo uye kunyengedza mutengi kuti abatanidze kwairi.
  3. Attacker positioning: Anorwisa anofanira kunge ari mukati mechikamu cheadaputara isina waya yemunhu akabatwa, asi kunze kwenzvimbo yekupinda yeiyo cloned wireless network. Izvi zvinoreva kuti anorwisa anofanira kunge ari pedyo zvakakwana kune akabatwa kuti abate traffic yavo, asi kure zvakakwana kubva kune yepamutemo nzvimbo yekuwana kuti mutengi asarudze network yenhema.
  4. Network mhando: Kurwiswa kunogoneka pamanetiweki uchishandisa WPA2-Enterprise kana WPA3-Enterprise inoshandisa iyo PEAP protocol. Iyi protocol inowanzo shandiswa munzvimbo dzebhizinesi uye dzedzidzo kuratidza vashandisi pane yakachengeteka isina waya network.

ari wpa_supplicant vanogadzira vanofunga kuti dambudziko harisi njodzi, sezvo ichingozviratidza pazvisizvo kugadziridzwa isina waya network anoshandisa EAP kuvimbiswa pamwe nePEAP pasina kuonesa sevha yeTLS chitupa. Kuderedza dambudziko iri, chigamba chakaburitswa , que inowedzera nzira yekumanikidzirwa yechikamu chechipiri chekusimbisa, pamusoro pekutarisa chitupa cheTLS. Nekudaro, kugadzirisa zvizere kusagadzikana, manetiweki manejimendi anofanirwa kugadzirisa cheni yekuvimba kuti vaone sevhavha setifiketi vachishandisa ca_cert parameter.

Finalmente Kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako