FragAttacks - a series of vulnerabilities in Wi-Fi standards and implementations

Mathy Vanhoef, the author of the KRACK attack on wireless networks, has disclosed information about 12 vulnerabilities affecting a wide range of wireless devices. The identified problems are presented under the name FragAttacks and cover almost all wireless cards and access points in use - of the 75 devices tested, every one was susceptible to at least one of the attack methods.

The problems are divided into two categories: 3 vulnerabilities were identified directly in the Wi-Fi standards and cover all devices that support the current IEEE 802.11 standards (the problems have been traced back to 1997). 9 vulnerabilities relate to errors and flaws in specific implementations of wireless stacks. The main danger comes from the second category, since mounting an attack on the flaws in the standards requires specific settings or certain actions performed by the victim. All of the problems appear regardless of the protocol used to secure Wi-Fi, including when WPA3 is used.

Most of the attack methods allow an attacker to inject L2 frames into a protected network, which makes it possible to interfere with the victim's traffic. The most realistic attack scenario is spoofing DNS responses to direct the user to the attacker's host. An example is also given of using the vulnerabilities to bypass the address translator on a wireless router and establish direct access to a device on the local network, or to ignore firewall restrictions. The second part of the vulnerabilities, which is related to the processing of fragmented frames, makes it possible to extract data about traffic on the wireless network and intercept user data transmitted without encryption.

The researcher has prepared a demonstration showing how the vulnerabilities can be used to intercept a password sent when accessing a site over HTTP without encryption. The demonstration also shows attacks on unpatched devices on the local network that have unfixed vulnerabilities (for example, it was possible to attack an unpatched Windows 7 computer on the internal network through NAT traversal).

To exploit the vulnerabilities, the attacker must be within range of the target wireless device in order to send a specially crafted set of frames to the victim. The problems affect both client devices and wireless cards, as well as access points and Wi-Fi routers. In general, using HTTPS together with encrypting DNS traffic using DNS over TLS or DNS over HTTPS is sufficient as a workaround. Using a VPN is also suitable for protection.

The most dangerous are four vulnerabilities in wireless device implementations, which allow trivial methods to be used to inject one's own unencrypted frames:

  • Vulnerabilities CVE-2020-26140 and CVE-2020-26143 allow frame injection on some access points and wireless cards on Linux, Windows, and FreeBSD.
  • Vulnerability CVE-2020-26145 allows unencrypted broadcast fragments to be processed as full frames on macOS, iOS, FreeBSD and NetBSD.
  • Vulnerability CVE-2020-26144 allows processing of unencrypted reassembled A-MSDU frames with EtherType EAPOL on Huawei Y6, Nexus 5X, FreeBSD and LANCOM AP.

The other implementation vulnerabilities are mostly related to problems that arise when processing fragmented frames:

  • CVE-2020-26139: Allows forwarding of frames with the EAPOL flag sent by an unauthenticated sender (affects 2/4 tested access points, as well as NetBSD- and FreeBSD-based solutions).
  • CVE-2020-26146: Allows reassembly of encrypted fragments without checking the order of the sequence numbers.
  • CVE-2020-26147: Allows reassembly of mixed encrypted and unencrypted fragments.
  • CVE-2020-26142: Allows fragmented frames to be treated as full frames (affects OpenBSD and the ESP12-F wireless module).
  • CVE-2020-26141: The TKIP MIC check is missing for fragmented frames.

Specification issues:

  • CVE-2020-24588 - an attack on aggregated frames (the "is aggregated" flag is not protected and can be replaced by an attacker in A-MSDU frames in WPA, WPA2, WPA3 and WEP). An example use of the attack is redirecting the user to a malicious DNS server or NAT traversal.
  • CVE-2020-24587 is a mixed key attack (fragments encrypted using different keys in WPA, WPA2, WPA3 and WEP are allowed to be reassembled). The attack makes it possible to determine the data sent by the client, for example, to determine the contents of a Cookie when accessing a site over HTTP.
  • CVE-2020-24586 is an attack on the fragment cache (the standards covering WPA, WPA2, WPA3 and WEP do not require removing fragments that are already stored in the cache after a new connection to the network). It makes it possible to determine the data sent by the client and to substitute your own data.
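The reassembly checks whose absence is described above for CVE-2020-26146, CVE-2020-26147, the mixed key attack and the fragment cache attack (CVE-2020-24586) can be expressed as one receive-side routine. This is an added example, not code from the article, the researcher or any driver; the struct layouts, field names and the `key_gen` counter are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Simplified model of one received fragment (hypothetical fields). */
struct frag {
    uint16_t seq;       /* sequence number shared by all fragments of a frame */
    uint8_t  frag_no;   /* fragment index, 0 = first fragment */
    bool     encrypted; /* fragment arrived protected */
    uint8_t  key_gen;   /* hypothetical counter identifying the installed key */
    uint64_t pn;        /* packet number taken from the cipher header */
};

/* Reassembly state for one frame in progress from one peer. */
struct frag_entry {
    bool     in_use;
    uint16_t seq;
    uint8_t  next_frag;
    bool     encrypted;
    uint8_t  key_gen;
    uint64_t last_pn;
};

/* Fragment cache attack: call on every (re)association and rekey. */
void frag_cache_flush(struct frag_entry *e) { memset(e, 0, sizeof(*e)); }

/* Returns true if the fragment may join the frame being reassembled. */
bool frag_accept(struct frag_entry *e, const struct frag *f)
{
    if (f->frag_no == 0) {  /* first fragment: start a fresh entry */
        e->in_use = true;  e->seq = f->seq;  e->next_frag = 1;
        e->encrypted = f->encrypted;  e->key_gen = f->key_gen;
        e->last_pn = f->pn;
        return true;
    }
    if (!e->in_use || f->seq != e->seq || f->frag_no != e->next_frag)
        goto reject;
    if (f->encrypted != e->encrypted)              /* mixed plaintext/encrypted */
        goto reject;
    if (f->encrypted && f->key_gen != e->key_gen)  /* mixed key */
        goto reject;
    if (f->encrypted && f->pn != e->last_pn + 1)   /* non-consecutive PN */
        goto reject;
    e->next_frag++;
    e->last_pn = f->pn;
    return true;
reject:
    frag_cache_flush(e);    /* discard the partial frame entirely */
    return false;
}
```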

To test how susceptible your devices are to the problems, a special toolkit and a ready-made Live image for creating a bootable USB drive have been prepared. On Linux, the problems appear in the mac80211 wireless stack, in individual wireless drivers, and in the firmware loaded onto wireless cards. To eliminate the vulnerabilities, a set of patches has been proposed that covers the mac80211 stack and the ath10k/ath11k drivers. Some devices, such as Intel wireless cards, additionally require a firmware update.

Test results for consumer devices: [table image]

Test results for wireless cards on Linux and Windows: [table image]

Test results for wireless cards on FreeBSD and NetBSD: [table image]

Manufacturers were notified of the problems 9 months ago. Such a long embargo period is explained by the coordinated preparation of updates and by delays in preparing changes to the specifications by the ICASI and Wi-Fi Alliance organizations. Initially, it was planned to disclose the information on March 9, but, after weighing the risks, it was decided to postpone publication for another two months to give more time to prepare patches, taking into account the non-trivial nature of the changes being made and the difficulties caused by the COVID-19 pandemic.

It is worth noting that, despite the embargo, Microsoft fixed some of the vulnerabilities ahead of schedule in the March Windows update. The disclosure was postponed a week before the originally scheduled date, and Microsoft did not have time or did not want to change the planned update that was ready for release, which created a threat to users of other systems, since attackers could obtain information about the vulnerabilities by reverse engineering the contents of the update.

Source: opennet.ru
