Sunday, April 1, 2012

WPA Flaw let us crack the PMK in a few minutes - April Fools'

Today we are very proud to announce that we found a flaw that lets us crack WPA in just a few minutes, no matter what the passphrase length is. Obviously, we don't get the passphrase but the PMK (which is 'derived' from the ESSID and the passphrase), the master key, which is more than enough to decrypt a capture file; Airdecap-ng can decrypt a pcap file with either the passphrase or the PMK (using -k).
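For reference, the standard WPA/WPA2-PSK derivation of the PMK from the ESSID and the passphrase is PBKDF2-HMAC-SHA1 with 4096 iterations and a 32-byte output. The sketch below is an added example, not code from this post or from Aircrack-ng; the function name `wpa_pmk` is hypothetical, and the sample network is the published IEEE 802.11i test vector.

```python
import hashlib
import string

def wpa_pmk(secret: str, essid: str) -> bytes:
    """Return the 32-byte PMK for a WPA/WPA2-PSK network (hypothetical helper)."""
    ssid = essid.encode("utf-8")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("ESSID must be 1 to 32 bytes")
    # A 64-hex-digit secret is already the PMK, so no derivation is needed.
    if len(secret) == 64 and all(c in string.hexdigits for c in secret):
        return bytes.fromhex(secret)
    # Otherwise it must be a passphrase: 8 to 63 printable ASCII characters.
    if not 8 <= len(secret) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in secret):
        raise ValueError("passphrase must be printable ASCII")
    # The ESSID is the salt, so the same passphrase gives a different
    # PMK on every differently named network.
    return hashlib.pbkdf2_hmac("sha1", secret.encode("ascii"), ssid, 4096, 32)

if __name__ == "__main__":
    # IEEE 802.11i test vector: passphrase "password", SSID "IEEE".
    pmk = wpa_pmk("password", "IEEE")
    print("PMK (IEEE):     ", pmk.hex())
    # Constructed second ESSID: same passphrase, unrelated PMK.
    print("PMK (HomeNet):  ", wpa_pmk("password", "HomeNet").hex())
    # Supplying the PMK as 64 hex digits returns it unchanged.
    print("PMK passthrough:", wpa_pmk(pmk.hex(), "IEEE") == pmk)
```

Because the PMK, not the passphrase, is what the 4-way handshake keys are built from, either form identifies the same network key for a given ESSID.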

I'm sorry, I wish I had more time to write a longer post to give more technical details but right now I'm very busy writing the paper. It will be published here probably tomorrow.

And in case you wonder, it will be integrated into Aircrack-ng ;)

If you really want to read the paper, there you go.