Sure, maybe if you have an app spamming UDP or something, but in practice you're going to get a bunch of TCP retransmits and then death, no?
Show this thread
Am I missing something, or is the Android/wpa_supplicant "all zero key" KRACK bug mostly FUD? Surely wrong key = traffic can't flow.
-
-
-
I'm sure you can target some protocols to leak secrets, but this sounds *way* more invasive&impractical than the implied "it's cleartext".
Show this thread
End of conversation
New conversation -
-
-
Watch the video, all there https://m.youtube.com/watch?v=Oh4WURZoR98&time_continue=3 …
-
He's not MITMing the AP in that video, only the association. He routes all the data out the side. Doesn't work for private network resources
- Show replies
New conversation -
-
-
Citation needed. AFAICT it is impossible to MITM an AP with this approach, only hijack it. Best you can do is route to the internet.
- Show replies
New conversation -
-
-
What makes you think an attacker can't try to impersonate intranet services?
-
They can try, but that's a far cry from the MITM/decrypt ability that was implied/reported.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.