Skip to main content

Network routers with roaming enabled are likely susceptible to a new attack

Hashcat creator Jens Steube accidentally discovered a new method to break into network routers while researching new ways to attack the new WPA3 security standard. He stumbled onto an attack technique capable of cracking hashed passwords based on the Wi-Fi Protected Access Pre-Shared Key (WPA-PSK) security protocol.

For starters, WPA is a mechanism in wireless networking that encrypts and decrypts data passed between the router and a connected device. The PSK aspect applies to the network’s password or passphrase, as the router creates a unique 256-character key that is shared between both devices. These keys change periodically to prevent hackers from infiltrating the network.

Recommended Videos

In a typical attack, the hacker must be in the range of a router and a connecting wireless device, and patiently wait for the latter device to log onto the network. When the wireless device begins the connection process, the hacker must run a tool in the exact same moment to capture the full four-way “authentication handshake” made between the router and the device.

Please enable Javascript to view this content

That’s not the case in the new attack. With this method, the hacker needs only a small portion of the handshake called the Robust Security Network Information Element (RSN IE). Even more, the hacker can connect directly to the router and access the needed data rather than lurk in the background and wait for someone to connect.

“At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11 i/p/q/r networks with roaming functions enabled (most modern routers),” Steube says.

The login aspect of connecting a wireless device to a router consists of a set number of steps or frames. The RSN IE is an optional field within one of those steps that contains the Pairwise Master Key Identifier, a networking component that verifies that both the router and wireless device know the PSK-based password. This component is the new method’s attack vector, retrieving the stored PSK-based password.

According to Steube, the attack requires three available tools: Hcxdumptool v4.2.0 or higher, Hcxtools v4.2.0 or higher, and Hashcat v4.2.0 or higher. The first tool on the list grabs the necessary connection frame and dumps it into a file. The second tool converts the saved data into a format that can be read by Hashcat. This third tool cracks the encryption.

Ultimately, this method reduces the time used to access the stored passwords but doesn’t lessen the time needed to crack the encryption protecting these passwords. The cracking duration depends on the password complexity, thus if router owners never change the password from the factory default, the password should take no time to crack.

To better protect yourself from a possible attack, change the default password on your router. Using your own password is supposedly better than allowing the router to create one for you, and always use a variety of characters: Lower and upper-case letters, numbers, and symbols. If you’re not great at remembering passwords, Steube suggests using a password manager.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
One more year of the iMac Pro being missing in action
Apple iMac Pro News

This week, Apple announced a new M4 iMac. It got some upgrades that help make it more appealing to creatives and pros, such as the more powerful M4 chip, Thunderbolt 4, upgraded camera, and nano-texture display.

But an iMac Pro, this is not.

Read more
The best tablets in 2025: top 8 tablets you can buy now
Disney+ app on the iPad Air 5.

Even the best smartphones still have relatively small screens. After all, they can only get so big before they're no longer practical or pocketable. There are some great folding phones that try to give you the best of both worlds, but these are pricy options and often make compromises you're unwilling to live with. If you're looking for a larger canvas for reading, sketching, gaming, or just about anything else, you're likely much better off going with a tablet. This lets your smartphone keep doing what it does best — being portable, taking great pictures, and offering solid battery life — while giving you an alternative for those times when you need more screen real estate.

However, choosing the right tablet can be tricky. People use tablets in different ways, so there are dozens of options on the market to address these myriad needs. We know how hard it can be to wade through them all and find the one that works best for your use case and budget, so we've done the legwork for you, reviewing dozens of tablets across the entire spectrum to compile a list of the top eight for all walks of life.

Read more
There’s a new challenger to one of our favorite laptops
Lenovo Yoga Slim 7i Aura Edition front view showing display and keyboard.

When it came out earlier this year, the Surface Laptop 7th Edition was a breath of fresh air. So much so that our computing editor adopted it as his "new daily carry" after reviewing the device.

And while we still highly recommend that laptop, there's a new challenger in town. The Lenovo Yoga Slim 7i Aura Edition is one of the rare laptops comes with a 15-inch display that can match the Surface Laptop 7th Edition -- and it also comes with the latest Intel chip. It's the perfect foil to the Surface Laptop 7th Edition, and in some ways, might be an even better option.
Specs and configurations

Read more