savio-code
commented
6 years ago Hi Ecksters,
Thanks for the info on this new vulnerability. I however already have plans on implementing this exploit into.Fern
Open Ecksters opened 6 years ago
savio-code
commented
6 years ago Hi Ecksters,
Thanks for the info on this new vulnerability. I however already have plans on implementing this exploit into.Fern
Cherkah
commented
6 years ago hi, would like to get the fern-pro's version. but how can i do it if the free one give me stuff like #101 and do not integrate the new KRACK WPA2 exploit ?! so until the fern'update I'll waiting for ...
Earlier this month a new attack on the 4-way handshake for WPA2 was revealed, the finder explains the issue here. As this is by-far the most convenient tool for Wifi Pentesting, it would be nice to see this new exploit implemented. According to the site:
The primary use, as demonstrated by them, would be to set yourself between the client and AP, and strip SSL off of all websites, allowing you to capture and use session packets or other sensitive data. Due to the nature of the attack, this would be ineffective against websites that simply do not allow non-HTTPS access.
As Fern already has tools in place for session hijacking, it seems like it would be in a good place to implement this exploit, even if no original key can be obtained.
I'm not sure if this repository is receiving updates at this point, since the Pro version appears to be front and center, but this seems like an update that would be worth implementing.