I-FragAttacks, uchungechunge lobuthakathaka kuzinga le-Wi-Fi elithinta izigidi zamadivayisi

Darkcrizt

Imizuzu ye-4

Muva nje imininingwane ngobungozi obungu-12 yadalulwa ezikhonjwe ngaphansi kwekhodi "Ukuhlaselwa kwe-Frag" kuthinta amadivayisi ahlukahlukene angenantambo futhi amboza cishe wonke amakhadi angenazintambo nezindawo zokufinyelela ezisetshenziswayo, kumadivayisi angama-75 ahloliwe, ngalinye lithintwe okungenani eyodwa yezindlela zokuhlasela ezihlongozwayo.

Izinkinga zihlukaniswe izigaba ezimbili: Ukuba sengozini okungu-3 kukhonjwe ngqo kumazinga we-Wi-Fi futhi kumboza wonke amadivayisi asekela amazinga wamanje we-IEEE 802.11 (izingqinamba zilandelwe kusukela ngo-1997).

Ubuthakathaka obungu-9 bukhomba izimbungulu namaphutha ekusetshenzisweni okuthile kwezitaki ezingenantambo. Ingozi enkulu isigaba sesibili, ngoba ukuhlelwa kokuhlaselwa kwamaphutha emazingeni kudinga izimo ezithile noma ukwenziwa kwezenzo ezithile ngumuntu ohlukunyeziwe.

Bonke ubuthakathaka buvela kungakhathalekile ukusetshenziswa kwezivumelwano ukuqinisekisa ukuphepha kwe-Wi-Fi, noma ngabe usebenzisa i-WPA3, njengoba izindlela eziningi ezihlaselwe zokuhlasela zivumela umhlaseli ukuthi enze u-L2 esikhundleni senethiwekhi kwinethiwekhi evikelwe, okwenza kube lula ukuvimba ithrafikhi yezisulu.

Ukuphendula okuphendulayo kwe-DNS ukuqondisa umsebenzisi kumsingathi womhlaseli kushiwo njengesimo esingokoqobo sokuhlaselwa. Inikeza nangesibonelo sokusebenzisa ukuba sengozini ukwedlula umhumushi wamakheli kurutha engenantambo futhi inikeze ukufinyelela okuqondile kudivayisi kunethiwekhi yendawo noma ngemikhawulo ye-firewall.

Ingxenye yesibili yobuthakathaka, ehlobene nokucutshungulwa kozimele abahlukanisiwe, ivumela ukukhipha idatha mayelana nethrafikhi kunethiwekhi engenantambo futhi ibambe idatha yomsebenzisi edlulisiwe ngaphandle kokusebenzisa ukubethela.

Umcwaningi ulungiselele umbukiso okhombisa ukuthi ubungozi bungasetshenziswa kanjani ukuthola iphasiwedi edluliswayo lapho ufinyelela iwebhusayithi nge-HTTP ngaphandle kokubethela, futhi kukhombisa ukuthi ungahlasela kanjani i-smart plug, elawulwa nge-Wi-Fi, futhi uyisebenzise ukuze uqhubeke nokuhlaselwa amadivayisi aphelelwe yisikhathi kunethiwekhi yendawo anokungakhethi okungafakwanga (ngokwesibonelo, kungenzeka ukuhlasela ikhompyutha ye-Windows 7 ngaphandle kokubuyekeza kunethiwekhi yangaphakathi nge-NAT traversal).

Ukusizakala ngokuba sengozini, umhlaseli kufanele abe sebangeni ledivayisi engenantambo uhlose ukuthumela isethi yozimele abenzelwe ngokukhethekile isisulu.

Izinkinga zithinta amadivayisi amaklayenti namakhadi angenantambokanye nezindawo zokufinyelela ze-Wi-Fi nama-routers. Ngokuvamile, i-HTTPS ngokuhlangana nokubethela kwethrafikhi ye-DNS isebenzisa i-DNS ngaphezulu kwe-TLS noma i-DNS ngaphezulu kwe-HTTPS yanele njengendawo yokusebenza yokuvikela. I-VPN ibuye ilungele ukuvikelwa.

Okuyingozi kakhulu ukukhubazeka okune ekusetshenzisweni kwamadivayisi angenantambo okuvumela izindlela ezingasho lutho ukufeza ukufaka ozimele bazo abangabhalwanga:

  • Ukuba sengozini I-CVE-2020-26140 ne-CVE-2020-26143 vumela ukubiyela kwezinye izindawo zokufinyelela namakhadi angenazintambo ku-Linux, Windows, naku-FreeBSD.
  • Ukuba sengozini I-CVE-2020-26145 ivumela izigaxa zokusakaza ezingabhaliwe ukuthi ziphathwe njengozimele abagcwele kuma-macOS, i-iOS, ne-FreeBSD ne-NetBSD.
  • Ukuba sengozini I-CVE-2020-26144 inika amandla ukucubungulwa kozimele abangabhalwanga abahlanganiswe kabusha be-A-MSDU nge-EtherType EAPOL ku-Huawei Y6, Nexus 5X, FreeBSD ne-LANCOM AP.

Okunye ukuba sengozini kokuqalisa ikakhulukazi kuhlobene nezinkinga ekusingatheni izinhlaka ezihlukanisiwe:

  • I-CVE-2020-26139: ivumela ukudluliswa kwamafreyimu amakwe e-EAPOL athunyelwe ngumthumeli ongagunyaziwe (kuthinta izindawo zokufinyelela eziqinisekisiwe ezi-2/4, izixazululo zeNetBSD nezikaFreeBSD).
  • I-CVE-2020-26146- Ikuvumela ukuthi uphinde uhlanganise izingcezu ezibethelwe ngaphandle kokubheka ukuhleleka kwezinombolo zokulandelana.
  • I-CVE-2020-26147- Ivumela ukuhlelwa kabusha kwezingcezu ezihlanganisiwe ezibethelwe futhi ezingabhalwanga.
  • I-CVE-2020-26142: Ivumela ozimele abahlukanisiwe ukuthi baphathwe njengozimele abagcwele (kuthinta imodyuli engenantambo ye-OpenBSD ne-ESP12-F).
  • I-CVE-2020-26141: Akukho ukuhlolwa kwe-TKIP MIC kozimele abahlukanisiwe.

Kwezinye izinkinga ezikhonjiwe:

  • I-CVE-2020-24588: Ukuhlaselwa kohlaka okuhlanganisiwe okuvumela umsebenzisi ukuthi aqondiswe kabusha kuseva ye-DNS enonya noma ukuwela nge-NAT kushiwo njengesibonelo sokuhlaselwa.
  • I-CVE-2020-245870- Ukuhlaselwa kokuxubeka okuyisihluthulelo (ukuhlelwa kabusha kwezingcezu ezibethelwe ngokhiye ohlukile kuvunyelwe ku-WPA, WPA2, WPA3 naku-WEP). Ukuhlaselwa kukuvumela ukuthi kunqume idatha ethunyelwe iklayenti, ngokwesibonelo, ukunquma okuqukethwe kwekhukhi lapho kufinyelelwa nge-HTTP.
  • I-CVE-2020-24586 - I-Fragment Cache Attack (izindinganiso ezihlanganisa i-WPA, i-WPA2, i-WPA3 ne-WEP azidingi ukususwa kwezingcezwana esezivele sezihleli kunqolobane ngemuva kokuxhumeka okusha kunethiwekhi). Ivumela ukukhomba idatha ethunyelwe yikhasimende nokwenza ukushintshwa kwedatha yabo.

Uma ufuna ukwazi kabanzi ngayo, ungabonisana isixhumanisi esilandelayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.