0

I have a pretty simple question about KRACK.

From what I have read it would be very common to be able to forge, decrypt, delay and block client packets as well as AP packets using KRACK.

Does this mean that an attacker could get some sort of login credentials in order to normally connect to the targeted AP? Or would the attacker have to remain in his/her MITM position?

In case the attacker would have to remain in the MITM position, could he/she only manipulate/read the traffic of a user, or could he/she also, for instance, establish a TCP connection and surf the Internet etc.?

Forivin

1 Answer

1

An adversary using KRACK can decrypt information that is transmitted via WiFi that should be encrypted. This can only be done after a victim is authenticated to an AP. Read more on how the actual attack works here. So no, it is not possible to obtain the credentials.

However: if you were to change the password of your AP while an adversary was reading your traffic, s/he could also read the new password, if the connection to your router is not protected by another form of end-to-end encryption.

Tom K.