Hacking WPA3 with Mathy Vanhoef & Retia
Рет қаралды 67,299
3 жыл бұрынWPA3 is the next generation of Wi-Fi security but that doesn't mean it's perfect. Find out how it works, and how it's already been hacked!
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → www.hak5.org
Shop → www.hakshop.com
Subscribe → kzbin.info...
Support → / threatwire
Contact Us → / hak5
Threat Wire RSS → shannonmorse.podbean.com/feed/
Threat Wire iTunes → itunes.apple.com/us/podcast/t...
Host: Kody → / kodykinzie
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.
@pewcfpv8056 3 жыл бұрын
Woah! Congrats to being a part of Hak5! That's huge!
@tomf00lery 3 жыл бұрын
Great stuff, love this format. 👍
@devtar-gaming 3 жыл бұрын
Me too. Keep it up!
@MrKristian252 3 жыл бұрын
Woah, Kody from Nullbyte is here!! Nice to see a familiar face on the show
@JohnDoe-wi7eb 3 жыл бұрын
Must be a old video kody has long hair now
@harshilshah980 3 жыл бұрын
He makes regular appearances here...
@ankit168 3 жыл бұрын
But I believe same WPA2 cracking tools don't work for WPA3 and Dos we can see it is happening but since Deauth is not there so cracking is possible ?? Or Just Brute force based on timing attack ?
@doodmonkey 3 жыл бұрын
Great stuff, thanks for the presentation.
@serversC13nc3 3 жыл бұрын
Nice to see you never blink in hack5.
@funguy4290 2 жыл бұрын
It's easier and harder than it's ever been. Keep making stuff.
@user-md1jg6vj1r 3 жыл бұрын
Yes! this is what I like. Technical details
@subliminal9535 3 жыл бұрын
THE SAME PERSON THAT WROTE 5HE ENCRYPTION CAN UNWRITE IT the problem is the trust of humans everybody has a price
@TechTutorialsDavidMcKone 3 жыл бұрын
Good to know. Thanks for sharing
@ghosttech9921 3 жыл бұрын
Tip 1 - never join any open network.
@a21123 4 ай бұрын
can someone deauth me if i use macchanger?
@netoeli 3 жыл бұрын
Hak5 bringing the hacking family together since 2005
@krollik8 2 жыл бұрын
Тут полный бред. Так wifi не ломается.
@HousewerkRecords Жыл бұрын
Great video with lots of info. To sum this up, there’s no real point using wp3 yet as it’s still vulnerable. Hard wire everything that needs a steady connection I guess.
@_unkn0wn._ 3 жыл бұрын
Yes kody keep it going bro 😎
@mizdebsk 2 жыл бұрын
every time someone floods my router with DOS I triangulate their signal with 2 drones flying around and at the end I send my dogs after them.
@daddyelon4577 8 ай бұрын
How do you operate two drones at once?
@antiimperialista 4 ай бұрын
@@daddyelon4577 with four hands
@50crowley 2 ай бұрын
@@daddyelon4577 They control one and the dog controls the other.
@hb3643 Жыл бұрын
Thx for the content. Do we have any tool that do these attacks. Any proof of concept?
@chipko 3 жыл бұрын
Yey! Kody! Are you part of the hak5 team now?!
@ricseeds4835 3 жыл бұрын
This isn't his first appearance
@TheRealKitWalker 3 жыл бұрын
Yes, he joined hak5 😏
@sontodosnarcos Жыл бұрын
While it is possible to use brute force on WPA3, using a 24-digit password consisting of lower und uppercase letters, numbers and special characters should still make it virtually impossible for hackers to crack your password.
@raghavendra5698 Жыл бұрын
802.11w came before WPA3. de-auth for client and encrypting de-auth or disassociate is defined in 11w . But in wpa3 made compulsory to support. Where as made as optional. WPA3 defined protecting in more complex authentication process ( now 4 handshake ) before it was 2 way authentication handshake in wpa2
@cajay4825 3 жыл бұрын
Can i get the Link to white paper please to understand vulnerability even better.
@OftFilms 3 жыл бұрын
Nullbyte nice to see you here too
@pi1392 3 жыл бұрын
is that Vegas talk Pre Corona?
@userou-ig1ze 3 жыл бұрын
Oooohhh Darren... Smooorseee... ok I accept change... 'blink blink' thanks for the video and info
@FunMaxClub 2 жыл бұрын
should i buy macbook air with 8 gb ram and 256 gb of storage for network engineer and can you suggest for for this please
@davidg4512 3 жыл бұрын
Why can't wifi work like TLS to change some keys, the operate normally?
@khari83637 Жыл бұрын
3:22 My understanding is with perfect forward secrecy their not learning your “password” as its never exchanged via the handshake. They would capture the session key but that keys is temp. ?
@unknownanonymous4735 2 жыл бұрын
hi, very nice, but what does that iteration mean? 5:10
@An.Individual 5 ай бұрын
I'm not convinced he has found a vulnerability worth worrying about
@mikeharborson1901 5 ай бұрын
Nope... the reason the video only talks of wpa3 for the very last 10% of the video.......... GRR!!!!!
@johanwennerberg1923 Жыл бұрын
Sorry for late comments. Would mac address allow, for my list, hinder this DDOS?
@vidhuchawla-indietrigg8000 Жыл бұрын
I have these protocals - - wep - wpa2 - wpa2 mixed - wpa3 - wpa2/wpa3 mixed Wich one is the best and strong? Plzz help!!
@CallMeKRSNA Жыл бұрын
Hackers are like Hah this update is lol
@juliettaylorswift 3 жыл бұрын
so shocking seeing blackhat footage with all the people and maskless, i know 2019 footage and was before it all went down. Really miss defcon...still waiting on more details about this year tho.
@juliettaylorswift 3 жыл бұрын
@Sec Codercould have phrased better-that footage was from 2019 (on some of the signage). Before it went down as in before covid/pandemic. Black hat is happening this year in person, and I have no idea if it did it not last year as I don't attend black hat. Defcon is happening this year in some form of part online part in person, but details are still limited.
@mysterychemical 2 жыл бұрын
4:58 You cannot freaking leak my router password that way.
@krollik8 2 жыл бұрын
Тут специально показан бред. Потому что wifi ломается по другому.
@philipm1896 3 жыл бұрын
This can't be Kody. I seen him blink 😉
@jasonpitts8395 3 жыл бұрын
I heard a rumor that the next gen Iphone will use a random MAC as a client, and use a diff MAC for the next AP, and so on.
@sethadkins546 3 жыл бұрын
Most devices already have this capability.
@RedPill420 2 жыл бұрын
Android does this already
@TheErraticTheory 2 жыл бұрын
Why not just have a set wait to respond timeout? Instead of forcing the 40 iteration calculations. That way you don’t need to compute, just waiting to respond as if you did.
@f.3850 Жыл бұрын
What do you mean
@chamodsachintha3095 3 жыл бұрын
Ohhh nullbyte in Hak5
@vladimirmuzik8648 3 жыл бұрын
I was never this early.
@kristoffseisler2163 3 жыл бұрын
where can you even get a wpa3 router? i have ddwrt but but it seems its bugged and it never worked for me. but does wpa3 exist for modern routers nowadays?
@Bierkameel 3 жыл бұрын
Router? My Aruba Instant On Accesspoints support WPA3.
@user-md1jg6vj1r 3 жыл бұрын
AVM routers
@kristoffseisler2163 3 жыл бұрын
@@logmeindog alright thats nice. yeah i know sucks about kong but still using ddwrt for those custom iptables firewall rules
@forgottenone1973 3 жыл бұрын
just installed openwrt on a xiaomi ac2100. can set wpa3 security too.
@wildyato3737 3 жыл бұрын
@@logmeindog Hey does WPA3 2019 vulnerabilities has been patched yet? And what were you talking about downgrade attacks?isnit possible when using Mixed type of network?..or WPA3 is inherited from WPA2??
@BlaMurda 3 жыл бұрын
What's with the season and episode numbering? We skipped 29x02, then the thumbnail for this says 26x14? I try to keep an accurate backup of Hak5 (among others) in case the world ends is all...
@retiallc 3 жыл бұрын
We uploaded this a longggggg time ago, with the pandemic we put production on hold for awhile.
@BlaMurda 3 жыл бұрын
@@retiallc ah, was just curious. Thank you, also good video.
@hcr1 3 жыл бұрын
Hi Does a device that support wpa2 could connect to wpa3 access point without updating the firmware in the client side?
@yumri4 3 жыл бұрын
From what i can gather both of them have to support the same standard. So for a device only with WPA2 the access point would also have to support WPA2 for the device to be able to connect. For WPA3 i do suggest waiting for the finalized version of it before you go update your firmware to support it. To many changes made right now to say that it would be a good idea to do so as it might become incompatible with the released version of WPA3.
@mattymooo100 3 жыл бұрын
Nullbyte is awesome!!!
@HectorDiabolucus 3 жыл бұрын
Why don’t wireless devices just use SSL?
@jimgrayson4828 Жыл бұрын
What about capturing the hand shake
@kentharris7427 3 ай бұрын
Easy Peasy. Simply create an evil twin Wi-Fi that has a higher signal strength then the original router, most of all PCs and Smart phones keep a Wi-Fi password list for a quick connection to the network. Personally haven't tried it, sounds feasible however.
@katanasteel 3 жыл бұрын
wouldn't it just be better to do the minimal amount of iterations, and then just sleep the remaining time (so just specify the handshake to take say 250ms)? that way the multiple auths won't overload the routers as sleeping shouldn't take resources...
@henrycook859 2 жыл бұрын
Right?? Timing attacks are incredibly easy to patch, I'm sure they've thought about that but this video doesn't sufficiently explain why timing attacks "can't" be prevented.
@katanasteel 2 жыл бұрын
@@henrycook859 1 added bonus the AP will leak less information whether the auth was successful or not... when they always takes 250ms.
@krollik8 2 жыл бұрын
Можно просто слушать эфир и перехватить рукоподатия. Все это полный бред.
@omkhard1833 3 жыл бұрын
nullByte being God Every time ...... even with HAK5
@omkhard1833 3 жыл бұрын
Black Hat Seagale are godplace
@themtg5151 3 жыл бұрын
When did you start making videos for hak5🤣
@robertopacheci3724 3 жыл бұрын
🤣🤣
@retiallc 3 жыл бұрын
About a year and a half ago!
@mallubot7074 3 жыл бұрын
is this reuploaded
@grandmakisses9973 3 жыл бұрын
Null byte!?!?!?
@StarkThure 3 жыл бұрын
Waiting for wpa4
@wildyato3737 3 жыл бұрын
For next 25 years🙏
@icanfixit1553 3 жыл бұрын
i guess only thing we can do is PHISH which has always been best way
@obscenity 3 жыл бұрын
oh no, this website leaked into the hak5 channel, at least this video is very unlike theirs, which is good
@irukard 3 жыл бұрын
40 iterations? Lol... Why not random time delay?
@hellofriend3091 3 жыл бұрын
I just block the original network and make a clone of that network and capture the password with my cloned host..o think that will work
@francoisleveque145 3 жыл бұрын
Can’t block it in wpa3
@hellofriend3091 3 жыл бұрын
@@francoisleveque145 what about jamming?? With node mcu
@francoisleveque145 3 жыл бұрын
@Sec Coder if you do an evil twin and can’t deauth the first network there will be 2 access point with same essid
@hellofriend3091 3 жыл бұрын
@Sec Coder yes the concept is same im talking about doing it manually and you are about automation with wifite
@hellofriend3091 3 жыл бұрын
@Sec Coder i write my own tool it will work with high computing power, if wp3 is not blockable then its a security issues already,, think deeply
@upup5133 3 жыл бұрын
0:30 is it hacked twice or 3 times? LOL
@matthewpepperl 3 жыл бұрын
wpa2 seems fine just require 25 character passwords and a certain amount of entropy it already requires at least 8 chars anyway problem solved
@matldn2697 3 жыл бұрын
true, my password is 25 digit, totally non dictionary
@adinasa8668 3 жыл бұрын
I Have 20 chars pass unique pass and they still hacked my device i dont know how in wpa2 ,they controled my car in Asphalt 9 on the Nintendo switch ,unbelivable
@matldn2697 3 жыл бұрын
@@adinasa8668 Probably you were infected with a key logger?
@krollik8 2 жыл бұрын
Достаточно иметь хороший пароль. И ни кто не взломает.
@InfiniteQuest86 3 жыл бұрын
I'm confused. Why do a bunch of nonsense work that could mess with lightweight devices rather than just wait a fixed amount of time to respond? If the response takes longer, it could still leak some info, but much less than before.
@krollik8 2 жыл бұрын
Ломается это по другому.
@TechnicalHeavenSM 3 жыл бұрын
Tutorial?🙂🙂🙂
@TechnicalHeavenSM 3 жыл бұрын
@XOSPHERE GAMING ☹️☹️☹️
@TechnicalHeavenSM 3 жыл бұрын
@XOSPHERE GAMING ya, bro..
@heysuvajit 3 жыл бұрын
NullByte 😊
@timbrown805 Жыл бұрын
I just don't use Wi-Fi or Bluetooth anymore at all. Imo they are no longer to be trusted mic drop
@mikeharborson1901 5 ай бұрын
for house lights/no-risk automation, no prob. For anything sensitive, wired is just better anyways for reliability and performance!!
@BurkenProductions 2 жыл бұрын
It's pronounced "vpa-3" not double you we pee a three
@krollik8 2 жыл бұрын
Полный бред. Ни кто не подбирает пароль к самому роутеру.
@evengraintech1397 2 жыл бұрын
bro. Blink
@_unkn0wn._ 3 жыл бұрын
HELLO IM FIRST
@sylae_music 3 жыл бұрын
lol nobody cares
@retiallc 3 жыл бұрын
@@sylae_music Don't listen to him bro I care
@ArthurTugwell 3 жыл бұрын
Correct - The first loser.
@ArulKumarJAKj 3 жыл бұрын
Hello !!! Can you reduce yours talking. Such boring ..... Give tips and commands to us ...it's fine👍and this vedio without talking is 2-3 min😂
@DarinCates 3 жыл бұрын
WAIT WAIT ....... He is a man but talks like a little girl. Watch his mannerisms. That's a girl
@RedPill420 2 жыл бұрын
You paying attention to another man's mannerisms when the video is about WPA3 sounds sus to me
@HornyGrandma Жыл бұрын
What's at risk if one were to simply commit to whitelist every approved device to a network, besides the time and maintenance to make sure the list is up to date? would the connection be secure and then it'd fall upon the device that's connected to make sure it isn't comprimised?
@triggermike420 Жыл бұрын
MAC filtering uses this concept. The connection would be secure, but it also isn't terribly difficult to spoof whitelisted device IDs, actually providing a method of entry. A capture of network packets would reveal the MAC addresses of whitelisted devices, giving an attacker exactly what they need to breach your network.
PADLOTOON
Рет қаралды 34 МЛН
Mathy Vanhoef
Рет қаралды 3,2 М.
BSides Prishtina
Рет қаралды 189 М.
notebook-31
Рет қаралды 108 М.
LED Screen Factory-EagerLED
Рет қаралды 9 МЛН