Umphandi wokhuseleko wase-Israel u-Ido Hoorvitch (Tel Aviv) upapashe iziphumo zovavanyo lokufunda amandla eephasiwedi ezisetyenziselwa ukuququzelela ukufikelela kwiinethiwekhi ezingenazintambo. Kuphononongo lwezakhelo ezithintelweyo kunye nezihlonzi ze-PMKID, kwakunokwenzeka ukuqagela iiphasiwedi zokufikelela kwi-3663 ye-5000 (73%) efunde iinethiwekhi ezingenazintambo eTel Aviv. Ngenxa yoko, kwagqitywa ekubeni uninzi lwabanini benethiwekhi engenazingcingo bamisela amagama ayimfihlo abuthathaka anokuchaphazeleka ekucingeni ngokukhawuleza, kwaye iinethiwekhi zabo ezingenazingcingo zinokuhlaselwa kusetyenziswa i-hashcat eqhelekileyo, ii-hcxtools kunye ne-hcxdumptool eziluncedo.
U-Ido wasebenzisa ilaptop esebenza Ubuntu Linux ukuthintela iipakethi zenethiwekhi engenazingcingo, wayibeka kubhaka kwaye wazulazula esixekweni wada wakwazi ukunqanda iifreyimu nge-PMKID (Pairwise Master Key Identifier) izihlonzi ezivela kwinethiwekhi ezingamawaka amahlanu ezahlukeneyo ezingenazingcingo. Emva koko, wasebenzisa ikhomputha ene-8 GPU NVIDIA QUADRO RTX 8000 48GB ukuqikelela amagama ayimfihlo usebenzisa i-hashes ethathwe kwisihlonzi se-PMKID. Ukusebenza okukhethiweyo kulo mncedisi kwakuphantse kube yi-7 yezigidi ze-hashes ngomzuzwana. Ukuthelekisa, kwi-laptop eqhelekileyo, ukusebenza kumalunga nama-200 amawaka e-hashes ngomzuzwana, okwaneleyo ukuqikelela igama eliyimfihlo elinamanani ali-10 malunga nemizuzu eyi-9.
Ukukhawulezisa ukhetho, ukukhangela kwakukhawulelwe kulandelelwano olubandakanya kuphela oonobumba abancinci be-8, kunye ne-8, i-9 okanye i-10. Lo mda bewanele ukumisela iiphasiwedi ze-3663 kwiinethiwekhi ezingama-5000. Awona magama ayimfihlo adumileyo yayingamadijithi ali-10, asetyenziswa kwiinethiwekhi ezingama-2349. Amagama ayimfihlo anamanani ayi-8 asetyenziswe kuthungelwano lwe-596, iidijithi ze-9 kwi-368, kunye neephasiwedi zoonobumba abancinci abasi-8 kwi-320. Ukuphinda ukhetho usebenzisa isichazi-magama se-rockyou.txt, i-133 MB ngobukhulu, kwasivumela ukuba sikhethe ngokukhawuleza ii-passwords ze-900.
Kucingelwa ukuba imeko enokuthembeka kwamagama agqithisiweyo kwiinethiwekhi ezingenazingcingo kwezinye izixeko kunye namazwe aphantse afane kwaye uninzi lwamagama agqithisiweyo anokufumaneka kwiiyure ezimbalwa kwaye uchithe malunga ne-50 yeedola kwikhadi elingenazingcingo elixhasa imowudi yokubeka iliso yomoya (i-ALFA Network). Ikhadi le-AWUS036ACH lisetyenziswe kuvavanyo). Uhlaselo olusekelwe kwi-PMKID lusebenza kuphela kwiindawo zokufikelela ezixhasa ukuzulazula, kodwa njengoko uqheliselo lubonisile, abaninzi abavelisi abayikhubaza.
Uhlaselo lusebenzise indlela eqhelekileyo yokugqekeza iinethiwekhi ezingenazingcingo nge-WPA2, eyaziwayo ukusukela ngo-2018. Ngokungafaniyo nendlela yeklasikhi, efuna ukubamba izakhelo zokubamba izandla ngelixa umsebenzisi edibanisa, indlela esekelwe kwi-PMKID yokuqhawula ayibophelwanga kuqhagamshelo lomsebenzisi omtsha kwinethiwekhi kwaye inokuqhutywa nangaliphi na ixesha. Ukufumana idatha eyaneleyo ukuqalisa ukuqikelela igama lokugqitha, kufuneka uthintele isakhelo esinye kuphela ngesichongi se-PMKID. Ezo zakhelo zingafunyanwa nokuba zikwimo yokwenziwa ngokujonga umsebenzi onxulumene nokuzulazula, okanye zinokuqalisa ngamandla ukuhanjiswa kwezakhelo nge-PMKID emoyeni ngokuthumela isicelo sobuqinisekiso kwindawo yofikelelo.
I-PMKID yi-hash eyenziwe kusetyenziswa igama eliyimfihlo, indawo yokufikelela kwindawo ye-MAC, idilesi yomxhasi we-MAC, kunye negama lenethiwekhi engenazingcingo (SSID). Iiparamitha ezintathu zokugqibela (i-MAC AP, iSikhululo se-MAC kunye ne-SSID) ziyaziwa ekuqaleni, ezivumela ukusetyenziswa kwendlela yokukhangela isichazi-magama ukumisela igama eliyimfihlo, elifana nendlela iiphasiwedi zabasebenzisi kwinkqubo inokuqikelelwa ngayo ukuba i-hash yabo ivuza. Ngaloo ndlela, ukhuseleko lokungena kwinethiwekhi engenazingcingo kuxhomekeke ngokupheleleyo kumandla esethi yephasiwedi.
umthombo: opennet.ru