Pushed a small update to hcxdumptool. From now on we parse SAE completely:
[10:10:20 - 005] c83a35000002 -> c83a35000001 [AUTHENTICATION, SAE COMMIT, STATUS 0, SEQUENCE 304]
[10:10:20 - 005] c83a35000001 -> c83a35000002 [AUTHENTICATION, SAE COMMIT, STATUS 0, SEQUENCE 337]
[10:10:20 - 005] c83a35000002 -> c83a35000001 [AUTHENTICATION, SAE CONFIRM, STATUS 0, SEQUENCE 305]
[10:10:20 - 005] c83a35000001 -> c83a35000002 [AUTHENTICATION, SAE CONFIRM, STATUS 0, SEQUENCE 338]
[10:10:20 - 005] c83a35000001 -> c83a35000002 [FOUND PMKID]
[10:10:20 - 005] c83a35000001 -> c83a35000002 [FOUND AUTHORIZED HANDSHAKE, EAPOL TIMEOUT 3741]
as you can see here:
[10:10:20 - 005] c83a35000001 -> c83a35000002 [FOUND PMKID]
We are not able to attack SAE yet...
Remarks:
SAE = Simultaneous Authentication of Equals
pre-shared password-based authentication with stronger security than WPA-PSK (also known as WPA3-Personal)
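struct sae_commit_authentication_frame
{
 uint16_t group_id;             /* finite cyclic group identifier */
 uint8_t scalar[32];            /* commit scalar; 32 bytes fits a 256-bit group */
 uint8_t commit_element_x[32];  /* commit element, x coordinate */
 uint8_t commit_element_y[32];  /* commit element, y coordinate */
} __attribute__((__packed__));
struct sae_confirm_authentication_frame
{
 uint16_t send_confirm;         /* send-confirm counter */
 uint8_t confirm[32];           /* confirm value */
} __attribute__((__packed__));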
read more about the status codes (reason codes) here:
https://community.cisco.com/t5/wireless-...-p/3148055
read more about WPA3-Personal and WPA3-Enterprise here:
https://blogs.cisco.com/wireless/greater...r-security
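Added example, not part of the original post or of hcxdumptool's source: one way to apply the two structs above to a raw authentication frame body only after checking algorithm, status, group and length. The function names and the sample body are constructed for illustration, and it assumes no anti-clogging token precedes the scalar.

```c
/* Added example; sae_parse and make_sample_commit are illustrative names. */
#include <stdint.h>
#include <string.h>

#define AUTH_ALG_SAE    3  /* 802.11 authentication algorithm number for SAE */
#define SAE_GROUP_P256 19  /* group whose scalar and coordinates are 32 bytes */
struct sae_commit  { uint16_t group_id; uint8_t scalar[32], x[32], y[32]; };
struct sae_confirm { uint16_t send_confirm; uint8_t confirm[32]; };
enum sae_kind { SAE_NONE, SAE_COMMIT, SAE_CONFIRM, SAE_UNSUPPORTED };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* body: authentication frame body, i.e. the bytes after the 802.11 MAC header.
   Assumption: no anti-clogging token sits between group id and scalar. */
enum sae_kind sae_parse(const uint8_t *body, size_t len, uint16_t *status,
                        struct sae_commit *c, struct sae_confirm *f)
{
    if (len < 6 || le16(body) != AUTH_ALG_SAE) return SAE_NONE;
    uint16_t seq = le16(body + 2);          /* 1 = commit, 2 = confirm */
    *status = le16(body + 4);
    const uint8_t *p = body + 6;
    len -= 6;
    /* Only status 0 is handled; other statuses may carry a different body. */
    if (*status != 0 || len < 2) return SAE_UNSUPPORTED;
    if (seq == 1) {
        c->group_id = le16(p);
        /* Other groups use longer fields, so check the group before copying. */
        if (c->group_id != SAE_GROUP_P256 || len < 2 + 96) return SAE_UNSUPPORTED;
        memcpy(c->scalar, p + 2, 32);
        memcpy(c->x, p + 34, 32);
        memcpy(c->y, p + 66, 32);
        return SAE_COMMIT;
    }
    if (seq == 2 && len >= 2 + 32) {
        f->send_confirm = le16(p);
        memcpy(f->confirm, p + 2, 32);
        return SAE_CONFIRM;
    }
    return SAE_UNSUPPORTED;
}

/* Constructed sample body (not a capture): SAE commit, status 0, given group. */
void make_sample_commit(uint8_t out[104], uint16_t group)
{
    memset(out, 0, 104);
    out[0] = AUTH_ALG_SAE; out[2] = 1;      /* algorithm 3, sequence 1 */
    out[6] = (uint8_t)group; out[7] = (uint8_t)(group >> 8);
    memset(out + 8, 0xA1, 96);              /* filler scalar and element */
}
```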