Free Preparation Discussions
MENU
Eccouncil Exam 112-51 Topic 4 Question 34 Discussion
Topic #: 4
George, a professional hacker, targeted a bank employee and tried to crack his password while he was attempting to log on to the remote server to perform his regular banking operations. In this process, George used sniffing tools to capture the password pairwise master key (PMK) associated with the handshake authentication process. Then, using the PMK, he gained unauthorized access to the server to perform malicious activities.
Identify the encryption technology on which George performed password cracking.
WPA2 (Wi-Fi Protected Access 2) is an encryption technology that secures wireless networks using the IEEE 802.11i standard. WPA2 uses a four-way handshake to authenticate the client and the access point, and to generate a pairwise transient key (PTK) for encrypting the data. The PTK is derived from the password pairwise master key (PMK), which is a shared secret between the client and the access point. The PMK can be obtained either by using a pre-shared key (PSK) or by using an 802.1X authentication server. In the above scenario, George performed password cracking on WPA2, as he used sniffing tools to capture the PMK associated with the handshake authentication process. Then, using the PMK, he was able to derive the PTK and decrypt the data exchanged between the client and the access point. Reference:
How WPA2-PSK encryption works? - Cryptography Stack Exchange
WPA2 Encryption and Configuration Guide - Cisco Meraki Documentation
Currently there are no comments in this discussion, be the first to comment!