Login

Register

Login

Register

Proof of Concept Released for kr00k Wi-Fi Vulnerability



The code demonstrates a relatively simple method to exploit a vulnerability in more than a billion devices.

Researchers at HexWay have demonstrated a proof-of-concept (PoC) exploit of kr00k, a significant Wi-Fi vulnerability first described by Eset researchers in February. The vulnerability forces a device to use an encryption key of all zeroes under certain circumstances. The PoC shows that the circumstances are not difficult to achieve.

In the PoC, a python script called r00kie-kr00kie is used to force a device to disassociate from the network; any data packets left in the device’s Wi-Fi chip are encrypted with all zeros and can then be flushed and read. The action can be conducted repeatedly, potentially gathering large amounts of unencrypted data from the victim.

kr00k was estimated to have had an impact on well over 1 billion devices, including some from Apple, Amazon, Google, Raspberry Pi, Samsung, and Xiaomi. Device owners are urged to be sure that their devices have been updated to the latest operating system and firmware releases.

For more, read here and here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

More Insights





Click here for the Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW