Overview
Explore a critical Wi-Fi security vulnerability called Kr00k (CVE-2019-15126) that affected over a billion devices worldwide. Dive into the technical details of how this flaw in Broadcom and Cypress Wi-Fi chips allowed attackers to decrypt network packets using an all-zero encryption key. Learn about the widespread impact on devices from major manufacturers like Apple, Samsung, Google, and Amazon. Witness a live demonstration of exploiting the vulnerability, including techniques to trigger Wi-Fi reassociations, force the use of compromised encryption keys, and decrypt intercepted packets. Gain valuable insights into this significant security issue presented by researchers Robert Lipovsky and Stefan Svorencik at the Black Hat conference.
Syllabus
Kr00k: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
Taught by
Black Hat