This could make many “thought safe” Wi-Fi routers not so
Here is where paying attention to new attacks is important.
hashcat.net has the information:
This attack does not even need a full EAPOL 4-way handshake, EAPOL stands for Extensible Authentication Protocol(EAP) over LAN. A simple 4-way handshake is shown pictorially below (from hitchhikersguidetolearning.com)
This means that in the past an attack on Wi-Fi would would need EAPOL 4-way handshake to be captured. Capturing the 4-way handshake is sometimes difficult to achieve.
Instead in this attack: ” We receive all the data we need in the first EAPOL frame from the AP.”
First one captures a sample initial Message from the ‘Authenticator’ which includes a PMKID (run hcxdumptool)
Second (run hcxpcaptool) to convert captured data from pcapng format to a hash format accepted by hashcat
Third (run hashcat) to crack the string of data.
So now no 4-way handshake is needed, only expertise to run a couple of scripts and to know how to set up the Wi-Fi capture by using the Wi-Fi network card.
The comments on the hashcat webpage do mention that your Wi-Fi network card must have the capability to capture wlan traffic.
So this requires more review and investigations.
Contact us to try it on your network.