this post was submitted on 24 Sep 2024
10 points (100.0% liked)

I had this thought.

Many IoT devices, including local devices like printers, streaming boxes, cameras etc., may be outdated.

Those may use Wi-Fi but only support WPA2, which can be easily cracked using Kali Linux, a kernel module integrated in Kali, and aircrack.

Many of these devices have an Ethernet or at least USB jack. Ethernet will always work, USB over usb-tethering should work often.

Couldn't you just use a tiny SBC, with a Wi-Fi antenna and support for WPA3, and serve the connection via Ethernet or USB to the device?

Like a small plug-in adapter.

Should be rock stable and update atomically and automatically (waiting for you, CentOS bootc, Alma bootc, Rockylinux bootc).

Do you know if this exists or have some caveats in mind?

[–] deranger 4 points 4 months ago (1 children)

WPA2 exploit has been mostly fixed for years now, and it’s only the router that’s affected. They just needed to implement some rate limiting on guessing WPA PINs. I stopped cracking a majority of routers this way 10 years ago or so. Only someone running a very outdated router at this point would be susceptible. Update your firmware, turn off WPA PIN access, enjoy.

[–] [email protected] 1 points 4 months ago (1 children)

Interesting, didn't know that!

[–] deranger 1 points 4 months ago

Ten, twelve years ago this exploit was the shit. I was in the military at the time and used Backtrack r5 lots while traveling around to get internet when I didn’t have access. All it has to do is guess a 4 digit code and a 3 digit code separately, once you hit success on the WPA PIN you get the SSID and password. Takes a couple hours if it’s not a default PIN IIRC. Coolest script kiddie thing I did since sending Sub7 to people back in the early 00s.

These days I don’t really bother. You might be able to pull it off on some really old hardware which does exist, but anyone who got a router in the past 6-8 years likely wouldn’t be susceptible. Might as well try exploiting your own router just to see.
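A defensive check for the advice in this thread (update firmware, turn off PIN access), added here as an example and not written by anyone in the thread: it parses saved Wi-Fi scan output from your own network and reports, per access point, whether a WPS element is still advertised, whether the AP reports setup as locked, and whether WPA3 (SAE) is offered. The sample text is constructed, and its layout is assumed to match what `iw dev <interface> scan` prints; the function names are hypothetical.

```python
import re

# Constructed sample, assumed to follow the layout of `iw dev <if> scan`.
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
\tSSID: old-router
\tRSN:\t * Version: 1
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
BSS 02:00:00:00:00:02(on wlan0)
\tSSID: patched-router
\tRSN:\t * Version: 1
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:00:00:03(on wlan0)
\tSSID: wpa3-router
\tRSN:\t * Version: 1
\t\t * Authentication suites: PSK SAE
"""

def audit_scan(text):
    """Return one dict per BSS: bssid, ssid, wps ('off'/'on'/'locked'), sae."""
    results, cur = [], None
    for line in text.splitlines():
        m = re.match(r"BSS ([0-9a-f:]{17})", line)
        if m:  # a new access point record starts here
            cur = {"bssid": m.group(1), "ssid": "", "wps": "off", "sae": False}
            results.append(cur)
            continue
        if cur is None:
            continue
        s = line.strip()
        if s.startswith("SSID:"):
            cur["ssid"] = s[5:].strip()
        elif s.startswith("WPS:"):
            # Element present: WPS is enabled (may be push-button only).
            cur["wps"] = "on"
        elif "AP setup locked" in s and not s.endswith("0x00"):
            cur["wps"] = "locked"  # AP is refusing further PIN attempts
        elif "Authentication suites:" in s:
            cur["sae"] = "SAE" in s.split(":", 1)[1].split()
    return results

def needs_attention(results):
    """SSIDs that still advertise WPS with no lockout in effect."""
    return [r["ssid"] for r in results if r["wps"] == "on"]
```

An SSID returned by `needs_attention` is one where WPS should be switched off in the router settings, or the firmware updated if that option is missing.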