Using WPA2 wireless? Patch up ASAP!

[ch33zw1z]

its gone through some changes, now i do the WAP with upgrade command and just give it the download link.

client patches with be the leg work. i have two samsung phones, two nests, a roku and two printers.

two printers will just go back to wired, as wireless was just a test thing anyways.

roku ill put back on wired.

im mostly concerned about the phones, but i dont run wifi while out and about so im not too worried. but i have to wait for ATT to roll it out, or root and install a rom thats patched.

the nest thermostats both updated on october 17th. i havent found much from nest about this yet, i may open a ticket.

overall, im not really concerned. i live in the middle of nowhere, and someone would need to be within a couple hundred feet to do this.

edit: work gives me an apple phone, which i also dont use wifi on, once a month i turn wifi on and back it up.

so pretty much have to brute force make a list of clients, keep track, and assess vulnerability by where you are and what you have.

 

[ch33zw1z]

3.9.3 is the latest version so I presume it has the patch, but I'll have to test with that krackattack script when I'm home as I presume I need to test through wifi.

Watch the video. The attack is duplicating a SSID to a target and dupes the WPA2 into recreating the encrytion key

Controller is not adopting it anymore though, so it is what I feared. Have to update that too. Can't seem to find much info on how to upgrade it so I'll have to do more searching. Last time I ended up just setting it up from scratch so might have to do the same. There has to be some kind of way to upgrade it though, I can't imagine having to do it from scratch each time for an organization running 100's of APs.

Right, it's not like that. Typically, you backup the config inside the controller software, update the controller software, restore config. I've had issues with adopting the WAP after a controller upgrade. I run a single SSID, nothing complex, so not a big deal. Enterprises running 100's of WAP's would be smart to engage Ubiquiti support prior to trying it out, and at least have a current config backup.

 

[BarkingGhostar]

Guys, anyone looking to crack one of my networks must be desperate. First, there is the lack of challenge. That means I put you into the group of cheaters in online gaming. Makes one feel like a big man. Secondly, just getting into my network has to have something of benefit, but I am not seeing it compared to better targets. Heck, just spending one's time at a local coffee shop would be better, IMO. So, if the assorted rednecks and millennials and good for nothings around me want to have a stab at me then its their time.

Next, it isn't as if I am not wanting to do something. Unless I move onto 3rd party firmware then I am either having to replace what I have or wait out the manufacturer. Which would you do? Which have you done? Also, even if my network is cracked what is there to get beyond access to my Internet access? I'm not one of those people that leaves computers running. When I'm not using it, it is off. Same for the wife.

So, before you find fault in me, step into my shoes first. I'm more than willing to implement a manufacture patch, but it doesn't exist. I'm not keen on moving into 3rd party solutions because they've proven, on prior assessment, to have <50% wifi performance based on my equipment and others' testing, which actually made it into the 3rd party firmware notes.

 

[Red Squirrel]

Watch the video. The attack is duplicating a SSID to a target and dupes the WPA2 into recreating the encrytion key



Right, it's not like that. Typically, you backup the config inside the controller software, update the controller software, restore config. I've had issues with adopting the WAP after a controller upgrade. I run a single SSID, nothing complex, so not a big deal. Enterprises running 100's of WAP's would be smart to engage Ubiquiti support prior to trying it out, and at least have a current config backup.

That's the part I was having issues with, could not really figure out what the steps were as everything I found was for windows or Debian (the package you download is a .deb file) but not if you had an install on a non debian server that was just a bunch of files in a folder (as opposed to being "installed" in the system). But I ended up figuring it out on my own through brute force.

I think when I originally installed it the download was a tar.gz file and then you extract and run it in place. So I just had it setup in a folder. But manged to extract all the right files from the .deb to replace the old ones so all is good.

 

[ch33zw1z]

@BarkingGhostar

your phones will be the prime target. usernames and passwords, stored credit card data, etc...

enterprises providing mobile devices to employees are prime targets, potentially very fruitful to compromise an enterprise device, and it doesnt make a difference if theyre at a work location or at home.

read my post a few back, before you get to crazy. make a list of your devices, research each, and keep track. stay off public wifi like libraries, coffee shops, etc...thats most likely where attackers will target first.

 

[ch33zw1z]

That's the part I was having issues with, could not really figure out what the steps were as everything I found was for windows or Debian (the package you download is a .deb file) but not if you had an install on a non debian server that was just a bunch of files in a folder (as opposed to being "installed" in the system). But I ended up figuring it out on my own through brute force.

I think when I originally installed it the download was a tar.gz file and then you extract and run it in place. So I just had it setup in a folder. But manged to extract all the right files from the .deb to replace the old ones so all is good.

well, they dont support it. i cant imagine you dont have a spare vm to spin up that's debian

 

[BarkingGhostar]

@BarkingGhostar

your phones will be the prime target. usernames and passwords, stored credit card data, etc...

enterprises providing mobile devices to employees are prime targets, potentially very fruitful to compromise an enterprise device, and it doesnt make a difference if theyre at a work location or at home.

read my post a few back, before you get to crazy. make a list of your devices, research each, and keep track. stay off public wifi like libraries, coffee shops, etc...thats most likely where attackers will target first.

Don't use cloud services or keychains (no stored passwords). Have a dummy mailbox and no credit card info exists on the phone. But what does exist is the VPN app, which runs all of the time.

 

[Red Squirrel]

well, they dont support it. i cant imagine you dont have a spare vm to spin up that's debian

This already is a VM lol. Originally it was fine for CentOS then they changed the way they package it. Next time it might be a Rpm, who knows, so no point in creating another VM as I'd probably end up dealing with this again next time I need to upgrade, though that was kind of my plan B if I could not figure it out.

 

[ch33zw1z]

Don't use cloud services or keychains (no stored passwords). Have a dummy mailbox and no credit card info exists on the phone. But what does exist is the VPN app, which runs all of the time.

If you use those things, just don't do it over WiFi until your device is patched.