Vulnerability detected affecting Qualcomm and HiSilicon routers

Risk

If exploited, these flaws can allow attackers to gain unauthorized access to sensitive information or generally cause problems.

News was released that a team of researchers from Tsinghua University (China) and George Mason University (USA) disclosed information about a vulnerability (CVE-2022-25667) in access points that makes it possible to intercept traffic (MITM) on wireless networks protected by the WPA, WPA2 and WPA3 protocols.

By manipulating ICMP packets with the "redirect" flag, an attacker can redirect a victim's traffic within the wireless network through the attacker's own system, which can be used to intercept and tamper with unencrypted sessions (for example, requests to non-HTTPS sites).

The vulnerability is caused by a lack of proper filtering of spoofed ICMP messages with a forged sender address in the network processors (NPUs, Network Processing Units), which provide low-level packet processing on the wireless network.

Among other things, the NPUs forward, without verifying their authenticity, forged ICMP packets with the "redirect" flag, which can be used to change routing table parameters on the victim user's side.

The core idea is to misuse the vulnerability of cross-layer interactions between WPAs and ICMP protocols, totally evading the link layer security mechanisms enforced by WPAs.

The attack comes down to sending an ICMP packet on behalf of the access point with the "redirect" flag, carrying dummy data in the packet header. Because of the vulnerability, the message is forwarded by the access point and processed by the victim's network stack, which assumes the message was sent by the access point.

We meet two requirements to successfully launch our attack. First, when the attacker spoofs the legitimate AP to craft an ICMP redirect message, the AP cannot recognize and filter out those forged ICMP redirects.

In addition, the researchers proposed a method to bypass the checks applied to ICMP packets with the "redirect" flag on the end-user side and change their routing table. To evade filtering, the attacker first determines an active UDP port on the victim's side.

Second, we developed a new method to ensure that the forged ICMP redirect message can evade the victim's legitimacy check and then poison their routing table. We conducted an extensive measurement study on 122 real-world Wi-Fi networks, covering all existing Wi-Fi security modes.

Being on the same wireless network, the attacker can intercept traffic but cannot decrypt it, because they do not know the session key used when the victim accesses the access point. However, by sending test packets to the victim, the attacker can determine an active UDP port by analysing the incoming ICMP responses with the "Destination Unreachable" flag. The attacker then generates an ICMP message with the "redirect" flag and a forged UDP header that specifies the identified open UDP port.
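The following Python detection example is added here and is not from the original article or the researchers. It parses an IPv4 ICMP redirect with its quoted UDP header, as described above, and flags one that claims the router's address while naming a LAN client as the new gateway. The addresses, the known-router set and the alert names are constructed assumptions for illustration.

```python
import ipaddress
import struct

ICMP_REDIRECT, PROTO_ICMP, PROTO_UDP = 5, 1, 17

def parse_redirect(pkt: bytes):
    """Return fields of an IPv4 ICMP redirect (type 5), or None if pkt is not one."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or pkt[9] != PROTO_ICMP or len(pkt) < ihl + 8 or pkt[ihl] != ICMP_REDIRECT:
        return None
    info = {"claimed_src": ipaddress.IPv4Address(pkt[12:16]),
            "new_gateway": ipaddress.IPv4Address(pkt[ihl + 4:ihl + 8]),
            "inner_dst": None, "inner_udp_ports": None}
    inner = pkt[ihl + 8:]  # quoted header of the packet the redirect refers to
    if len(inner) >= 20 and inner[0] >> 4 == 4:
        inner_ihl = (inner[0] & 0x0F) * 4
        info["inner_dst"] = ipaddress.IPv4Address(inner[16:20])
        if inner[9] == PROTO_UDP and len(inner) >= inner_ihl + 4:
            info["inner_udp_ports"] = struct.unpack_from("!HH", inner, inner_ihl)
    return info

def redirect_alerts(pkt: bytes, routers, lan):
    """Reasons a redirect is suspect, given the known router set and LAN prefix."""
    info = parse_redirect(pkt)
    alerts = []
    if info and info["new_gateway"] not in routers:
        alerts.append("new-gateway-not-a-known-router")
        if info["claimed_src"] in routers and info["new_gateway"] in lan:
            alerts.append("router-address-redirects-to-lan-client")
    return alerts

def sample_ipv4(src, dst, proto, payload):
    """Constructed sample data: minimal IPv4 header with the checksum left at zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload

# Constructed lab values: router .1, clients .20 and .66, documentation-range server.
ROUTERS = {ipaddress.IPv4Address("192.168.1.1")}
LAN = ipaddress.IPv4Network("192.168.1.0/24")
QUOTED = sample_ipv4("192.168.1.20", "203.0.113.10", PROTO_UDP, struct.pack("!HHHH", 5353, 53, 8, 0))
SUSPECT = sample_ipv4("192.168.1.1", "192.168.1.20", PROTO_ICMP, struct.pack(
    "!BBH4s", ICMP_REDIRECT, 1, 0, ipaddress.IPv4Address("192.168.1.66").packed) + QUOTED)
ECHO = sample_ipv4("192.168.1.20", "192.168.1.1", PROTO_ICMP, struct.pack("!BBHHH", 8, 0, 0, 1, 1))

if __name__ == "__main__":
    print(redirect_alerts(SUSPECT, ROUTERS, LAN), redirect_alerts(ECHO, ROUTERS, LAN))
```

On a network with a single router, any ICMP redirect is unusual, so the first alert alone is worth logging; the second marks the specific pattern the article describes.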

The problem has been confirmed on access points that use HiSilicon and Qualcomm chips. A study of 55 different access point models from 10 well-known manufacturers (Cisco, NetGear, Xiaomi, Mercury, 360, Huawei, TP-Link, H3C, Tenda, Ruijie) showed that all of them are vulnerable and do not block forged ICMP packets. In addition, an analysis of 122 existing wireless networks showed that the attack is possible on 109 of them (89%).

To exploit the vulnerability, the attacker must be able to connect legitimately to the Wi-Fi network, that is, they must know the parameters for joining the wireless network (the vulnerability makes it possible to bypass the mechanisms used in the WPA* protocols to isolate user traffic within the network).

Unlike traditional MITM attacks on wireless networks, with the ICMP packet spoofing technique the attacker can avoid deploying their own rogue access point to intercept traffic and instead use the legitimate access points serving the network to redirect packets.

Finally, if you are interested in knowing more about it, you can consult the details in the following link.

