DRAGONBLOOD VULNERABILITY IN WPA3 WIFI SECURITY MAKES WPA3 WIFI SECURITY VULNERABLE
The discovery of a vulnerability named Dragonblood in WPA3, the most secure Wi-Fi
security level, hints that there is no such thing as the most secure thing. WPA3
Wi-Fi security was released just a couple of months back, towards the end of 2018,
and here we are today using the most secure, or perhaps vulnerable, Wi-Fi security
level for our privacy and data protection.
ABOUT WPA3 WIFI SECURITY
WPA3 is the latest version of the Wi-Fi security standard, released by the Wi-Fi
Alliance towards the end of 2018. Before the introduction of WPA3, people all over
the world were using WPA2 Wi-Fi security, which had been in use for the past 14
years. WPA2 was found to be vulnerable, and as a result WPA3 Wi-Fi security was
introduced.
FLAWS IN WPA3 WIFI SECURITY
The flaws that were discovered in WPA3 Wi-Fi security were divided into two
categories by the researcher.
The first category of the discovered vulnerabilities consists of a series of
downgrade attacks that could be used against WPA3-capable devices to check whether
they are vulnerable to the known Wi-Fi hacking methods that are very much prevalent.
The second category, as said by the security researcher, consists of weaknesses in
the Dragonfly handshake of WPA3. In the Wi-Fi standard from the Wi-Fi Alliance, this
Dragonfly handshake is referred to as the Simultaneous Authentication of Equals
(SAE) handshake. It was the analysis of this Dragonfly handshake that uncovered the
flaws in WPA3 Wi-Fi security.
ABOUT DRAGONBLOOD VULNERABILITY
The Dragonfly handshake forms the core of WPA3 Wi-Fi security. It is also used in
certain Wi-Fi networks that require a username as well as a password for connecting
to and using the Wi-Fi.
The Dragonfly connection method is also used in the EAP-PWD protocol. The flaws
found against WPA3 also worked perfectly well against EAP-PWD connections, making
it possible for them to be hacked by any hacker. Hackers using the Dragonblood
vulnerability can even recover a user's password when the EAP-PWD security measure
is used. The security researcher also discovered a series of serious bugs in most
products that use the EAP-PWD security connection measure. These can allow any
person to access the Wi-Fi network easily, even without knowing the user's password
for the Wi-Fi network.
Although EAP-PWD is rarely used, this vulnerability is still a serious threat for
users of WPA3 security as well as EAP-PWD security connections, and it illustrates
the risks and threats of an incorrect implementation of Dragonfly.
LIST OF FLAWS IN WPA3 WIFI SECURITY
Below is the list of flaws in WPA3 Wi-Fi security:
CERT ID #VU871675: A type of downgrade attack against WPA3 routers.
CERT ID #VU871675: A type of downgrade attack against WPA3 Dragonfly handshakes.
CVE-2019-9494: A timing-based attack against WPA3 handshake capturing.
CVE-2019-9494: Cache-based internal attack on WPA3 routers using the Dragonfly handshake.
CERT ID #VU871675: A type of Denial of Service attack against the WPA3 Dragonfly handshake.
The vulnerabilities mentioned above are very efficient and very cheap to exploit.
For high-level descriptions of these attacks, and for the full technical details,
Kali4Hacking suggests referring to the Dragonblood research paper (link given at
the end of the article).
POTENTIAL OF THE DRAGONBLOOD VULNERABILITY
The Dragonblood vulnerability can be used to recover the password of any Wi-Fi
network. It also has the potential to launch resource consumption attacks, and can
force other devices to use weaker security for their protection. The WPA3-based
Dragonblood attacks are against home networks (WPA3 Personal), where one password
is shared amongst all the users.
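A defender's check for the downgrade and side-channel classes described above, as an added example that is not from the researchers or from the original article. It assumes the access point runs hostapd and reads its `wpa_key_mgmt`, `ieee80211w` and `sae_groups` options; the sample configuration and the group-19-only policy are assumptions of this example.

```python
# Added example: audit hostapd.conf text for settings tied to the flaw classes above.
# SAMPLE_CONF is constructed input, not taken from a real access point.
SAMPLE_CONF = """\
interface=wlan0
ssid=example-home
wpa=2
wpa_key_mgmt=WPA-PSK SAE
ieee80211w=1
sae_groups=19 22
"""

def parse_conf(text):
    """Return {key: value} from key=value lines, skipping comments and blanks."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (flaw_class, finding) tuples; an empty list means nothing flagged."""
    conf = parse_conf(text)
    findings = []
    akms = conf.get("wpa_key_mgmt", "").split()
    if "SAE" not in akms:
        findings.append(("downgrade", "SAE is not offered at all"))
    elif any(a.startswith("WPA-PSK") for a in akms):
        # WPA2 and WPA3 share one password here, so a client can be steered
        # to the older handshake.
        findings.append(("downgrade", "WPA-PSK is offered alongside SAE"))
    if conf.get("ieee80211w", "0") != "2":
        findings.append(("downgrade", "management frame protection not required"))
    # Assumed policy for this example: allow only group 19 (NIST P-256), the
    # group every SAE implementation must support. If sae_groups is unset the
    # hostapd build default applies and is not judged here.
    extra = [g for g in conf.get("sae_groups", "").split() if g != "19"]
    if extra:
        findings.append(("side-channel", "extra SAE groups: " + " ".join(extra)))
    return findings

if __name__ == "__main__":
    for flaw_class, finding in audit(SAMPLE_CONF):
        print(f"[{flaw_class}] {finding}")
```
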
TOOLS RELEASED FOR DRAGONBLOOD VULNERABILITY
The security researchers have made scripts to test for certain vulnerabilities
related to the Dragonblood vulnerability:
DragonSlayer: The DragonSlayer script implements attacks against EAP-PWD security
connections.
DragonDrain: The DragonDrain tool is used to test the extent to which an access
point is vulnerable to DoS or DDoS attacks against the WPA3 Simultaneous
Authentication of Equals handshake.
DragonTime: DragonTime is an experimental tool used to perform timing attacks
against the Simultaneous Authentication of Equals handshake.
DragonForce: DragonForce is also an experimental tool; it takes the information
recovered from the timing or cache-based attacks and performs a password-related
attack such as a dictionary or brute-force attack.
Note: All the download and important links are given at the end of the article.
OTHER IMPORTANT LINKS
Researchers' Website: https://wpa3.mathyvanhoef.com
Research Paper: Dragonblood: A Security Analysis of WPA3's SAE Handshake
Dragonblood Tools :