lowpro
Professional Abecedarian
That's right, the day has come. Rest easy WPA2, it was good while it lasted.
https://www.krackattacks.com/
TL;DR:
You can repeatedly resend the 3rd packet in a WPA2 handshake and it'll reset the key state, which leads to nonce reuse, which leads to trivial decryption with known plaintext. You can then own the network. It's in the standard, so this is abuse of a feature, meaning hard to fix. Also in Linux and Android when this attack is performed the key is immediately set to all 0s, so it actually is instantly cracked (vs other platforms which would take a few seconds).
No POC yet, this is a messed up situation though.
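The key-reinstallation behaviour summarised in the post, as an added example that is not part of the original post or of the KRACK authors' code: a reduced client model showing how a retransmitted message 3 resets the per-frame nonce, a check that refuses to reinstall a key already in use, and a detector for repeated packet numbers. The `Supplicant` class, the SHA-256 keystream (a stand-in for CCMP's AES-CTR), the key and the sample frames are all constructed for illustration.

```python
import hashlib
from collections import Counter

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Toy stand-in for CCMP's AES-CTR keystream (assumption): like the real
    # one, its output depends only on (key, nonce), so a repeated nonce repeats it.
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Hypothetical client side of the 4-way handshake, reduced to key installation."""
    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.pn = 0  # packet number, used as the per-frame nonce

    def on_msg3(self, ptk: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that is
        # already installed must not reinstall it, so the nonce keeps counting.
        if self.patched and self.key == ptk:
            return
        self.key, self.pn = ptk, 0  # install key and reset the nonce

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.key, self.pn, len(plaintext)))

def run(patched: bool):
    ptk = bytes(range(16))                      # constructed session key
    s = Supplicant(patched)
    s.on_msg3(ptk)                              # first message 3
    frames = [s.send(b"GET /index.html ")]      # constructed frame
    s.on_msg3(ptk)                              # retransmitted message 3
    frames.append(s.send(b"user=alice&pw=x "))  # constructed frame
    return frames

def reused_nonces(frames):
    # Defender-side check: any packet number seen twice under one key is a red flag.
    counts = Counter(pn for pn, _ in frames)
    return sorted(pn for pn, c in counts.items() if c > 1)
```

With `patched=False` both frames go out under packet number 1, so the XOR of the two ciphertexts equals the XOR of the two plaintexts; with `patched=True` the packet numbers are 1 and 2 and that relation no longer holds.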