WPA2 exploit has been mostly fixed for years now, and it’s only the router that’s affected. They just needed to implement some rate limiting on guessing WPA PINs. I stopped cracking a majority of routers this way 10 years ago or so. Only someone running a very outdated router at this point would be susceptible. Update your firmware, turn off WPA PIN access, enjoy.
Ten, twelve years ago this exploit was the shit. I was in the military at the time and used BackTrack R5 lots while traveling around to get internet when I didn't have access. All it has to do is guess a 4-digit code and a 3-digit code separately; once you hit success on the WPA PIN you get the SSID and password. Takes a couple of hours if it's not a default PIN, IIRC. Coolest script kiddie thing I did since sending Sub7 to people back in the early 00s.
These days I don’t really bother. You might be able to pull it off on some really old hardware which does exist, but anyone who got a router in the past 6-8 years likely wouldn’t be susceptible. Might as well try exploiting your own router just to see.
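Added illustration of what the comment above describes, not code from the thread: why guessing a 4-digit half and a 3-digit half separately collapses the PIN search from 10^8 to about 11,000 guesses, and why a simple failure lockout on the access point stops it. The checksum function is the standard WPS PIN checksum digit (the same algorithm hostapd implements). `ToyRegistrar`, `build_pin`, `split_bruteforce` and `run` are constructed names for a toy model of the early-NACK behaviour; the model talks to no hardware and the sample PIN is made up.

```python
"""Toy model of the split WPS PIN guess described in the thread.

Constructed example: the checksum is the real WPS PIN checksum digit, but
ToyRegistrar only models the protocol flaw (the AP reveals whether the first
four digits were right before it checks the last three). It is not a real
WPS implementation.
"""
from dataclasses import dataclass
from typing import Optional


def wps_checksum(first7: int) -> int:
    """Checksum digit appended to a 7-digit WPS PIN (e.g. 1234567 -> 0)."""
    accum, pin = 0, first7
    while pin:
        accum += 3 * (pin % 10)
        pin //= 10
        accum += pin % 10
        pin //= 10
    return (10 - accum % 10) % 10


def wps_pin_valid(pin8: int) -> bool:
    """True if the 8th digit is the correct checksum of the first seven."""
    return wps_checksum(pin8 // 10) == pin8 % 10


def build_pin(first4: int, second3: int) -> int:
    """Assemble a valid 8-digit PIN from its two guessable halves."""
    seven = first4 * 1000 + second3
    return seven * 10 + wps_checksum(seven)


def keyspace() -> dict:
    """Worst-case guesses under each model; the last is what the thread describes."""
    return {
        "naive_8_digits": 10 ** 8,
        "checksum_known": 10 ** 7,
        "split_halves": 10 ** 4 + 10 ** 3,
    }


class LockedOut(Exception):
    """The toy AP has stopped answering PIN attempts (the vendor lockout)."""


@dataclass
class ToyRegistrar:
    secret_pin: int
    max_failures: Optional[int] = None   # None models old firmware with no lockout
    failures: int = 0
    attempts: int = 0

    def try_pin(self, pin8: int) -> str:
        if self.max_failures is not None and self.failures >= self.max_failures:
            raise LockedOut(f"locked after {self.failures} failures")
        self.attempts += 1
        if pin8 // 10000 != self.secret_pin // 10000:
            self.failures += 1
            return "first_half_wrong"    # early NACK: a 4-digit oracle
        if pin8 != self.secret_pin:
            self.failures += 1
            return "second_half_wrong"   # NACK only after the second half
        return "ok"


def split_bruteforce(ap: ToyRegistrar) -> Optional[int]:
    """Recover the PIN from the toy AP by guessing each half separately."""
    first4 = None
    for f in range(10_000):
        # The second half is a dummy; the AP rejects before looking at it.
        if ap.try_pin(build_pin(f, 0)) != "first_half_wrong":
            first4 = f
            break
    if first4 is None:
        return None
    for s in range(1_000):
        pin = build_pin(first4, s)
        if ap.try_pin(pin) == "ok":
            return pin
    return None


def run(secret_pin: int, max_failures: Optional[int] = None) -> dict:
    """Attack the toy AP and report the outcome and the number of guesses used."""
    ap = ToyRegistrar(secret_pin, max_failures)
    try:
        pin = split_bruteforce(ap)
        locked = False
    except LockedOut:
        pin, locked = None, True
    return {"pin": pin, "attempts": ap.attempts, "locked": locked}


if __name__ == "__main__":
    secret = build_pin(8420, 135)   # constructed sample PIN, not a real default
    print(keyspace())
    print("no lockout:", run(secret))
    print("lockout after 10 failures:", run(secret, max_failures=10))
```

With no lockout the toy attack finishes in well under 11,000 guesses regardless of the PIN; with a failure budget of ten it never gets past the first few hundred first-half candidates, which is the rate limiting the first comment refers to.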
Seems doable. My first thought would be to use an ESP32-C6 that supports Wi-Fi 6 and WPA3, and I'm sure I've seen some people bit-bang Fast Ethernet from a microcontroller and bridge that to the Wi-Fi.
My main problem is that I have WPA2 IoT devices that don't have Ethernet ports, so they won't connect to my SSID, which has 6 GHz enabled and is thus forced by my router manufacturer to be in WPA3-only mode.