Vulnerability in Cypress and Broadcom Wi-Fi chips that allows traffic to be decrypted

At the RSA 2020 conference taking place these days, researchers from Eset disclosed information about a vulnerability (CVE-2019-15126) in Cypress and Broadcom wireless chips that allows intercepted Wi-Fi traffic protected with the WPA2 protocol to be decrypted. The vulnerability has been codenamed Kr00k. The problem affects FullMAC chips (the Wi-Fi stack is implemented on the chip side, not on the driver side), which are used in a wide range of consumer devices, from smartphones by well-known manufacturers (Apple, Xiaomi, Google, Samsung) to smart speakers (Amazon Echo, Amazon Kindle), boards (Raspberry Pi 3) and wireless access points (Huawei, ASUS, Cisco).

The vulnerability is caused by incorrect handling of encryption keys when a device is disconnected (disassociated) from the access point. On disconnection, the session key (PTK) stored in the chip is reset to zero, since no further data will be sent in the current session. The essence of the vulnerability is that the data remaining in the transmit (TX) buffer is encrypted with the already cleared key, which consists only of zeros, and can therefore be decrypted easily if it is intercepted. The empty key applies only to the residual data in the buffer, which is a few kilobytes in size.

The attack therefore relies on artificially sending certain frames that cause disassociation, and on intercepting the data that is sent next. Disassociation is commonly used in wireless networks to switch from one access point to another while roaming, or when communication with the current access point is lost. Disassociation can be triggered by sending a management frame, which is transmitted unencrypted and requires no authentication (the attacker only needs to be within reach of the Wi-Fi signal, and does not need to be connected to the wireless network). The attack has been tested only with the WPA2 protocol; the possibility of carrying out the attack on WPA3 has not been tested.


According to preliminary estimates, the vulnerability could potentially affect billions of devices in use. The problem does not appear on devices with Qualcomm, Realtek, Ralink and Mediatek chips. At the same time, traffic can be decrypted both when a vulnerable client device connects to an access point that is not affected, and when a device that is not affected connects to an access point that exhibits the vulnerability. Many consumer device manufacturers have already released firmware updates that fix the vulnerability (for example, Apple eliminated the vulnerability back in October of last year).

It should be noted that the vulnerability affects encryption at the wireless network level and only allows analysis of unsecured connections established by the user; it does not make it possible to compromise connections that are encrypted at the application level (HTTPS, SSH, STARTTLS, DNS over TLS, VPN, etc.). The danger of the attack is also reduced by the fact that, at any one time, the attacker can decrypt only the few kilobytes of data that were in the transmit buffer at the moment of disconnection. To successfully capture confidential data sent over an unsecured connection, the attacker must either know exactly when it was sent, or constantly initiate disconnection from the access point, which will be obvious to the user because the wireless connection keeps restarting.
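The repeated disconnections described above can also be watched for on the network side. The following is an added example, not code from Eset or the original article: it flags clients that are disassociated unusually often within a short window. The log format, the MAC addresses, the threshold and the window are all constructed assumptions, and a burst can also come from roaming or a weak signal.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical format (not any real AP's syntax):
# "<ISO timestamp> <EVENT> sta=<client MAC>", assumed to be in time order.
SAMPLE_LOG = """\
2020-02-27T10:00:00 DISASSOC sta=02:00:00:00:00:01
2020-02-27T10:00:20 ASSOC sta=02:00:00:00:00:01
2020-02-27T10:00:40 DISASSOC sta=02:00:00:00:00:01
2020-02-27T10:01:05 DISASSOC sta=02:00:00:00:00:01
2020-02-27T10:01:30 DISASSOC sta=02:00:00:00:00:01
2020-02-27T10:05:00 DISASSOC sta=02:00:00:00:00:02
2020-02-27T11:30:00 DISASSOC sta=02:00:00:00:00:02
not a log line
"""

def parse_line(line):
    """Return (timestamp, event, station) or None for malformed lines."""
    parts = line.split()
    if len(parts) != 3 or not parts[2].startswith("sta="):
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return ts, parts[1], parts[2][4:].lower()

def find_disassoc_bursts(log_text, threshold=4, window=timedelta(minutes=2)):
    """Map each station to the time its disassociation count first reached
    `threshold` within `window` (both are assumed tuning values)."""
    recent = defaultdict(deque)   # station -> disassociation times in window
    alerts = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[1] != "DISASSOC":
            continue
        ts, _, sta = parsed
        q = recent[sta]
        q.append(ts)
        while q and ts - q[0] > window:   # drop events older than the window
            q.popleft()
        if len(q) >= threshold and sta not in alerts:
            alerts[sta] = ts
    return alerts

if __name__ == "__main__":
    for sta, ts in find_disassoc_bursts(SAMPLE_LOG).items():
        print(f"{ts.isoformat()} repeated disassociation of {sta}")
```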

Some of the devices that Eset tested for the possibility of carrying out the attack:

  • Amazon Echo 2nd gen
  • Amazon Kindle 8th gen
  • Apple iPad Mini 2
  • Apple iPhone 6, 6S, 8, XR
  • Apple MacBook Air Retina 13-inch 2018
  • Google Nexus 5
  • Google Nexus 6
  • Google Nexus 6S
  • Raspberry Pi 3
  • Samsung Galaxy S4 GT-I9505
  • Samsung Galaxy S8
  • Xiaomi Redmi 3S
  • Wireless routers ASUS RT-N12, Huawei B612S-25d, Huawei EchoLife HG8245H, Huawei E5577Cs-321
  • Cisco Access Points


Source: opennet.ru
