KRACK Detector – Tool to Detect and Prevent From KRACK Attacks on Your Network

KRACK Attack (Key Reinstallation Attack) exploits a vulnerability in the standardized WPA2 authentication algorithm state machine. WPA2 is the industry-standard for encrypting and securing our Wi-Fi traffic for the past 14 years.

A few Weeks before Security Researchers Find this historical KRACK Attack vulnerability in WiFi Network that forced to hundreds and thousands of companies update their modems and WiFi-enabled Devices such as Android cellular phone, network cameras, robotic vacuum cleaner.

Also Read :  Crack WPA/WPA2 WiFi Passwords With Wifiphisher by Jamming the WiFi

There was an only option to Eliminate this vulnerability is that all devices must be patched and updated immediately to fix and mitigate the vulnerability.

According to Researchers, We show that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3 of the 4-way handshake. By forcing nonce reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged. The same technique can also be used to attack the group key, PeerKey, TDLS, and fast BSS transition handshake.

This Attack will Work against  AES-CCMP, and GCMP, Ciphers WPA-TKIP, WP1, WPA2,  Personal and enterprise networks.

Also, A new Tool called KRACK Detector has been released to prevent from this critical KRACK Attack Vulnerability.

KRACK Detector for KRACK Attack

According to Tool Description, KRACK Detector is a Python script to detect possible KRACK attacks against client devices on your network.

The script is meant to be run on the Access Point rather than the client devices. It listens on the Wi-Fi interface and waits for duplicate message 3 of the 4-way handshake. It then disconnects the suspected device, preventing it from sending any further sensitive data to the Access Point.

KRACK Detector currently supports Linux Access Points with hostapd. It uses Python 2 for compatibility with older operating systems. No external Python packages are required.

Usage

You can Download and Install the Tool From GitHub

Network Admins Run as root and pass the Wi-Fi interface as a single argument. It is important to use the actual Wi-Fi interface and not any bridge interface it connects to.

python krack_detect.py wlan0

If you do not wish to disconnect suspected devices, use the -n flag

python krack_detect.py -n wlan0v

Apart from this, Message 3 of the 4-way handshake might be retransmitted even if no attack is performed. In such a case the client device will be disconnected from the Wi-Fi network. Some client devices will take some time to re-authenticate themselves, losing the Wi-Fi connection for a few seconds.