
Does the attacker need to know PTK and GTK to attack other device? #3

Closed
zyz2015 opened this issue May 14, 2021 · 5 comments

Comments

@zyz2015

zyz2015 commented May 14, 2021

Hi @vanhoefm

I have some doubts about these attacks.

The precondition of these attacks is that the attacker already knows the PTK and GTK in order to attack other devices, right? If yes, I don’t think this is a vulnerable loophole. The key point is that the attacker should have no way to know the PTK.

If the attacker already knows the PTK and GTK, then he can do anything.

Maybe he should explain how he gets the PTK first.

@zyz2015 zyz2015 changed the title Does the attacker need to know PTK and PMK to attack other device? Does the attacker need to know PTK and GTK to attack other device? May 14, 2021
@vanhoefm
Owner

vanhoefm commented May 14, 2021

No. Where did you get this incorrect information from? If an attacker knows the PTK it means Wi-Fi security has already been broken. All the attacks work without knowing the password of the network.

The cache attack (CVE-2020-24586) does have a more exotic threat model. When an AP is vulnerable, this flaw can be exploited in Hotspot 2.0 or Enterprise networks, as long as the adversary also has credentials that are needed to connect to this network. But even there the adversary does not know the PTK of the victim! And the adversary also does not know the credentials of the victim.

@n3000

n3000 commented May 22, 2021

> No. Where did you get this incorrect information from? If an attacker knows the PTK it means Wi-Fi security has already been broken. All the attacks work without knowing the password of the network.
>
> The cache attack (CVE-2020-24586) does have a more exotic threat model. When an AP is vulnerable, this flaw can be exploited in Hotspot 2.0 or Enterprise networks, as long as the adversary also has credentials that are needed to connect to this network. But even there the adversary does not know the PTK of the victim! And the adversary also does not know the credentials of the victim.

Hi, I'm a Wi-Fi beginner, I still have a question. Do you mean that the attacker does not have to know the password of the target AP? I've learned that the STA and AP transmit encrypted data after the 4-way handshake; if the attacker does not know the password, how can he decrypt the raw QoS packet, inject the second A-MSDU subframe and encrypt the packet?

@vanhoefm
Owner

Which material did you read to try to understand the attack?

The raw QoS packet is not decrypted, only its "is aggregated" flag in the header is flipped. The packet is specially constructed by the server that is contacted when the victim e.g. loads an image from the attacker's server. The adversary is not encrypting packets.
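
The reply above rests on a property of CCMP that is easy to check: the receiver's integrity check covers only a masked copy of the MPDU header, and the A-MSDU Present bit of the QoS Control field is masked to zero unless both peers negotiated SPP A-MSDU. The following is an added illustration, not code from this issue thread or from the FragAttacks repository: it builds the CCMP additional authenticated data (AAD) from a QoS Data header using the standard's masking rules, then compares the AAD before and after the A-MSDU Present bit is toggled. The MAC addresses, sequence number and header bytes are constructed values.

```python
import struct

# Constructed QoS Data header (AP -> client: FromDS set, Protected set,
# TID 0, sequence number 5, fragment 0). The addresses are made up.
HEADER_PLAIN = bytes([
    0x88, 0x42,                          # Frame Control: QoS Data, FromDS, Protected
    0x00, 0x00,                          # Duration
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01,  # A1: receiver (client)
    0x02, 0x00, 0x00, 0x00, 0x00, 0x02,  # A2: transmitter (BSSID)
    0x02, 0x00, 0x00, 0x00, 0x00, 0x03,  # A3: source
    0x50, 0x00,                          # Sequence Control: seq 5, frag 0
    0x00, 0x00,                          # QoS Control: TID 0, A-MSDU Present = 0
])

QC_AMSDU_PRESENT = 0x0080   # bit 7 of the QoS Control field


def set_amsdu_flag(header: bytes, present: bool) -> bytes:
    """Return a copy of a QoS Data header with the A-MSDU Present bit set or cleared."""
    fc = struct.unpack_from("<H", header, 0)[0]
    qc_off = 30 if (fc & 0x0300) == 0x0300 else 24   # A4 only when ToDS and FromDS are set
    qc = struct.unpack_from("<H", header, qc_off)[0]
    qc = (qc | QC_AMSDU_PRESENT) if present else (qc & ~QC_AMSDU_PRESENT & 0xFFFF)
    return header[:qc_off] + struct.pack("<H", qc) + header[qc_off + 2:]


def ccmp_aad(header: bytes, spp_amsdu: bool) -> bytes:
    """Build the CCMP AAD for a data MPDU header.

    Masking follows the 802.11 CCMP rules: subtype bits 4-6, Retry, Power
    Management, More Data and Order are zeroed, Protected Frame is forced to 1,
    the sequence number is zeroed (fragment number kept), and in the QoS
    Control field only the TID survives, plus the A-MSDU Present bit when
    both peers are SPP A-MSDU capable.
    """
    fc = struct.unpack_from("<H", header, 0)[0]
    if (fc >> 2) & 0x3 != 2:
        raise ValueError("only data frames are handled here")
    fc_masked = (fc & 0x478F) | 0x4000           # clear bits 4-6, 11-13, 15; set bit 14
    a1, a2, a3 = header[4:10], header[10:16], header[16:22]
    sc_masked = struct.unpack_from("<H", header, 22)[0] & 0x000F
    aad = struct.pack("<H", fc_masked) + a1 + a2 + a3 + struct.pack("<H", sc_masked)
    offset = 24
    if (fc & 0x0300) == 0x0300:                  # ToDS and FromDS: A4 present and authenticated
        aad += header[24:30]
        offset = 30
    if fc & 0x0080:                              # QoS subtype: QoS Control field follows
        qc = struct.unpack_from("<H", header, offset)[0]
        qc_mask = 0x000F | (QC_AMSDU_PRESENT if spp_amsdu else 0)
        aad += struct.pack("<H", qc & qc_mask)
    return aad


def flag_flip_changes_aad(header: bytes, spp_amsdu: bool) -> bool:
    """True if toggling the A-MSDU Present bit changes the authenticated data."""
    return ccmp_aad(header, spp_amsdu) != ccmp_aad(set_amsdu_flag(header, True), spp_amsdu)


if __name__ == "__main__":
    print("without SPP A-MSDU, flip changes AAD:", flag_flip_changes_aad(HEADER_PLAIN, False))  # False
    print("with SPP A-MSDU, flip changes AAD:   ", flag_flip_changes_aad(HEADER_PLAIN, True))   # True
```

Without SPP A-MSDU the two AADs are byte-for-byte identical, so a receiver holding the real PTK computes the same MIC for both headers and cannot tell that the bit was changed; that is why no key material is needed for the flip. With SPP A-MSDU negotiated on both sides the bit is part of the AAD and the modified frame fails its integrity check, which is the standard's own mitigation for this header field.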

@n3000

n3000 commented May 23, 2021

> Which material did you read to try to understand the attack?
>
> The raw QoS packet is not decrypted, only its "is aggregated" flag in the header is flipped. The packet is specially constructed by the server that is contacted when the victim e.g. loads an image from the attacker's server. The adversary is not encrypting packets.

Thanks for your reply. I just wonder whether the attacker knows the password of the target AP in the A-MSDU injection attack?

@vanhoefm
Owner

No, as mentioned, only the cache attack has a more "exotic" threat model (where the credentials unique to the victim are still not known though!).
