vanhoefm
commented
1 year ago The script demonstrates the existence of the vulnerability. If the network would isn't vulnerable, you would not receive the SYN/ACK response. The paper contains more details on how the attack works.
We use ‘./macstealer.py wlan0 --config multipsk.conf’ to test our AP and receive the SYN/ACK response. Then what is the encryption method after the attacker reconnects to the AP, and how to decrypt the intercepted data? Can you provide a detailed method to demonstrate the vulnerabilities you mentioned in the paper? Thank you very much~