When conducting wireless penetration tests, the most common type of wireless network we see is WPA2-PSK. While this is better than WEP (thank goodness we rarely see that anymore), this type of network still has some shortcomings, depending on what you are trying to protect. Specifically in this blog, we will focus on the dangers of pre-shared keys on your wireless networks and some steps you can take to mitigate these risks.
Danger #1: Offline Password Attacks
One of the dangers of pre-shared keys is that they can be captured in a hashed format over the air, allowing an attacker to perform offline password attacks to try to guess the key. A pre-shared key is basically just a shared secret or password that is used to authenticate an individual attempting to join a wireless network (no username or identification other than the key is required). As we have discussed in other blogs, one of an attacker’s main goals when trying to authenticate to anything is to capture a hashed password in order to take it offline and perform password attacks. This allows possible passwords to be checked much faster because an attacker isn’t limited by the speed of the network (as they would be if they were guessing a password at a sign-in prompt for a wireless network, for example). Additionally, once the hashed password is offline, they can perform as many password guesses as they want without running into things like account lockouts, monitoring alerts, or other built-in protections.
A pre-shared key can be captured in two ways. First, if an attacker can capture the 4-way handshake that takes place during the initial authentication of a client, they can see the challenge and response, which includes the encrypted key. In order to do this, an attacker can either listen on the network and wait for a new client to authenticate or, if they want to speed up the process, they can send de-auth packets to already connected clients, causing them to drop and re-establish their connection.
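The deauthentication trick described above leaves a footprint: a burst of deauth frames from one transmitter in a short window. The following is an added example (not code from the original post) of a simple sliding-window detector run over a constructed set of management-frame records; the frame tuples, the 5-second window and the threshold of 10 frames are assumptions chosen for the demonstration.

```python
from collections import defaultdict, deque

AP = "aa:bb:cc:00:00:01"          # constructed BSSID for the sample
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample of 802.11 management-frame records:
# (timestamp_seconds, subtype, transmitter_mac, receiver_mac).
FRAMES = [
    (0.0, "beacon", AP, BROADCAST),
    # a single legitimate deauth (client roamed away) should not alert
    (1.0, "deauth", AP, "de:ad:be:ef:00:10"),
    (2.0, "beacon", AP, BROADCAST),
]
# A forced-reconnect burst: spoofed deauths carry the AP's own MAC as the
# transmitter, so only the rate distinguishes them from normal behaviour.
FRAMES += [(30.0 + 0.05 * i, "deauth", AP, BROADCAST) for i in range(12)]


def detect_deauth_flood(frames, window=5.0, threshold=10):
    """Return (transmitter, window_start, count) alerts, one per transmitter,
    when at least `threshold` deauth frames from it fall inside `window` sec."""
    alerts = []
    recent = defaultdict(deque)   # transmitter -> timestamps still in window
    alerted = set()
    for ts, subtype, src, _dst in sorted(frames):
        if subtype != "deauth":
            continue
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > window:   # slide the window forward
            q.popleft()
        if len(q) >= threshold and src not in alerted:
            alerts.append((src, q[0], len(q)))
            alerted.add(src)
    return alerts


if __name__ == "__main__":
    for src, start, count in detect_deauth_flood(FRAMES):
        print(f"deauth flood from {src}: {count} frames starting at t={start}")
```

Feeding real captures into this (for example, deauth counts exported from a wireless IDS) is the point; the hard-coded tuples only stand in for that input.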
Another method of capturing a pre-shared key is relatively new (April 2018). This new attack takes advantage of an optional management field (RSN IE) in 802.1X. This is device-specific, so this attack may not work depending on what technology is used for the access points of the wireless network being targeted, but most access points are vulnerable. In this attack, no clients need to be on the network. The attacker sends a request to the access point and reads the PMKID field, which is computed using the pre-shared key and the MAC address of the access point. With this information, an attacker can take the hash offline and begin password attacks. Here is a write-up with more details about this new attack.
Once an attacker gets the hashed pre-shared key offline, the attack is very similar to how an attacker would guess your password. Simply put, if your PSK is short or based on a dictionary word (or your company name or address), an attacker will be able to crack the password rather quickly and gain access to the wireless network.
Danger #2: Key Management
The second danger of pre-shared keys is key management. Even on a well-controlled network, multiple people have access to the key. If you are closely controlling a pre-shared key, it may only be known by the IT department, but in most organizations we test, every employee has access to this key. In some cases, a vendor will come onsite and need to connect to the wireless network, and they’ll be given the key as well. The danger is that if an employee who knows the PSK leaves the organization, the key may not be immediately changed. In some cases, the key is never rotated because of the management overhead involved in updating every device.
A malicious employee, or disgruntled former employee, can sit in the parking lot and use that pre-shared key they know to attack the network. Further, because that key is spread so frequently it is hard to control it properly. Over time, this key will be written down, shared in unprotected files, emailed to people, etc. Eventually, the key is in so many places that it is impossible to keep it secure.
Another danger of pre-shared keys, closely related to key management, is that the key is often shared with all employees, so nothing prevents an employee from connecting their personal phone or personal laptop to the network. As these are not organization-owned devices, they likely have not been hardened and, in some cases, may introduce malware to your network.
How To Protect Yourself
Now that you know the dangers of pre-shared keys, what can you do about it? The best option is to switch your wireless network to use WPA-Enterprise for authentication. In this setup, each individual user of the network authenticates with their unique network credentials (oftentimes integrated with Active Directory). This way, when an employee leaves the company, that user account can be disabled in order to immediately remove wireless network access. Further, we recommend that you use client certificates in addition to a password. With client certificates, both the access points and employee laptops will have a certificate. Then, when an employee wants to connect to the network, they will verify that the access point is valid by checking the access point certificate, and then authenticate to the access point with their password and client certificate. This provides multi-factor authentication. Even if an attacker can guess the password of one employee, they will not have the certificate installed on their laptop, and therefore will not be able to access the wireless network. Additionally, this will help prevent employees from connecting their personal laptops to the network, as they will not have a certificate installed.
If you must keep using a pre-shared key, there are some things you can do to lower the risk of some of the dangers we’ve covered here. First, knowing that an attacker can pretty easily capture this PSK and take it offline to crack, make sure the password is strong. This includes making sure it is at least 14 characters and not based on a dictionary word. Further, limit who has access to this key to the fewest number of individuals possible. Have the administrators set up the wireless network for employees and restrict access to this key. Finally, make sure you are rotating this key regularly. At a minimum, it should be rotated whenever someone who has access to the key no longer needs that access.
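The PSK hygiene rules above can be turned into an automated check that runs before a new key is rolled out. This is an added example (not the authors' code): the 14-character minimum comes from the post, while the banned-term list, the leet-speak normalization and the 180-day maximum key age are assumptions for the demonstration.

```python
from datetime import date

# Undo common substitutions so "Acme$treet2019!" is still caught as "acme"
# and "street"; attackers' cracking rules apply the same substitutions.
LEET = str.maketrans("@$01345!7", "asoieasit")


def normalize(text):
    return text.lower().translate(LEET)


def check_psk(psk, banned_terms, last_rotated, today,
              holder_left=False, max_age_days=180):
    """Return a list of policy findings for a WPA2-PSK; [] means it passes.

    psk           -- the candidate pre-shared key
    banned_terms  -- dictionary words, company name, address fragments, etc.
    last_rotated  -- date the key was last changed
    today         -- reference date for the rotation check
    holder_left   -- True if anyone who knew the key has left (rotate now)
    max_age_days  -- assumed rotation interval; not a figure from the post
    """
    findings = []
    if len(psk) < 14:
        findings.append("too short (<14 characters)")
    norm = normalize(psk)
    for term in banned_terms:
        t = normalize(term)
        if len(t) >= 4 and t in norm:        # ignore very short terms
            findings.append(f"contains banned term '{term}'")
    age = (today - last_rotated).days
    if age > max_age_days:
        findings.append(f"not rotated for {age} days")
    if holder_left:
        findings.append("a key holder has left; rotate now")
    return findings


if __name__ == "__main__":
    # constructed sample: company name plus year with leet substitutions
    print(check_psk("Acme$treet2019!", ["Acme", "Main Street", "password"],
                    date(2023, 1, 1), date(2023, 3, 1)))
```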