KRACK Attack (Key Reinstallation Attack) exploits a vulnerability in the standardized WPA2 authentication algorithm state machine. WPA2 is the industry-standard for encrypting and securing our Wi-Fi traffic for the past 14 years.
A few Weeks before Security Researchers Find this historical KRACK Attack vulnerability in WiFi Network that forced to hundreds and thousands of companies update their modems and WiFi-enabled Devices such as Android cellular phone, network cameras, robotic vacuum cleaner.
There was an only option to Eliminate this vulnerability is that all devices must be patched and updated immediately to fix and mitigate the vulnerability.
According to Researchers, We show that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3 of the 4-way handshake. By forcing nonce reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged. The same technique can also be used to attack the group key, PeerKey, TDLS, and fast BSS transition handshake.
This Attack will Work against AES-CCMP, and GCMP, Ciphers WPA-TKIP, WP1, WPA2, Personal and enterprise networks.
Also, A new Tool called KRACK Detector has been released to prevent from this critical KRACK Attack Vulnerability.
KRACK Detector for KRACK Attack
According to Tool Description, KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network.
The script is meant to be run on the Access Point rather than the client devices. It listens on the Wi-Fi interface and waits for duplicate message 3 of the 4-way handshake. It then disconnects the suspected device, preventing it from sending any further sensitive data to the Access Point.
KRACK Detector currently supports Linux Access Points with hostapd. It uses Python 2 for compatibility with older operating systems. No external Python packages are required.
Network Admins Run as root and pass the Wi-Fi interface as a single argument. It is important to use the actual Wi-Fi interface and not any bridge interface it connects to.
python krack_detect.py wlan0
If you do not wish to disconnect suspected devices, use the
python krack_detect.py -n wlan0v
Apart from this, Message 3 of the 4-way handshake might be retransmitted even if no attack is performed. In such a case the client device will be disconnected from the Wi-Fi network. Some client devices will take some time to re-authenticate themselves, losing the Wi-Fi connection for a few seconds.