isf

krackattacks-scripts

This project provides a suite of Python scripts to detect vulnerabilities related to the KRACK (Key Reinstallation Attack) against WPA2 Wi-Fi security. It allows security researchers and network administrators to test whether specific clients or access points are affected by critical CVEs like CVE-2017-13077 and CVE-2017-13080. ## Key Features - **Client Vulnerability Testing** — Seven distinct tests to check for key reinstallation vulnerabilities in Wi-Fi clients, including pairwise and group key handshake flaws. - **Access Point Testing** — Detects vulnerabilities in the FT (Fast Transition) handshake (802.11r) used by access points during roaming. - **Detailed Test Mapping** — Scripts correspond to official Wi-Fi Alliance test cases for standardized vulnerability assessment. - **Manual Verification Support** — Includes guidance for using additional monitoring interfaces to manually confirm script findings. - **Regulatory and Hardware Considerations** — Provides notes on hardware encryption, 5 GHz band limitations, and driver adjustments for accurate testing. ## Philosophy The project emphasizes responsible security testing by providing tools to verify patches and assess real-world vulnerability status, rather than functioning as attack scripts. It requires legitimate network credentials to operate.

PPPwn (CVE-2006-4304)

PPPwn - PlayStation 4 PPPoE RCE

fragattacks

FragAttacks is a security testing tool that identifies vulnerabilities in Wi-Fi implementations related to frame fragmentation and aggregation. It can test both clients and access points for a range of flaws that impact WPA2 and WPA3 networks, helping security researchers and network administrators assess the security of their Wi-Fi devices. ## Key Features - **Fragmentation Attack Testing** — Tests for vulnerabilities where Wi-Fi frames are split into fragments and reassembled incorrectly. - **Aggregation (A-MSDU) Attack Testing** — Checks for flaws in handling aggregated MAC service data units. - **Mixed Key Attack Detection** — Identifies issues where fragments encrypted under different keys are accepted. - **Cache Attack Verification** — Tests whether fragments remain in memory after disassociation or reconnection. - **Plaintext Injection Checks** — Detects acceptance of plaintext frames in encrypted networks. - **Broadcast Fragment Testing** — Assesses vulnerabilities related to broadcast frame handling. - **EAPOL Frame Attack Simulation** — Tests for cloaking attacks using EAPOL frames within A-MSDU aggregates. - **Multiple Interface Modes** — Supports mixed mode (single card), injection mode (two cards), and experimental hwsim mode. - **Comprehensive Test Suite** — Includes sanity checks, basic behavior tests, and extended vulnerability tests. - **Driver and Firmware Patching** — Provides patched Linux drivers and firmware for compatible network cards. ## Philosophy FragAttacks aims to provide a rigorous, open-source tool for uncovering fundamental Wi-Fi security flaws, emphasizing practical testing over theoretical analysis to help secure real-world networks.