How to Hack Wifi Password

Well, a security researcher has discovered a new WiFi hacking technique that makes it easier for hackers to crack the WiFi passwords of most modern routers.

Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens 'Atom' Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols with Pairwise Master Key Identifier (PMKID)-based roaming features enabled.

The attack to compromise WPA/WPA2-enabled WiFi networks was accidentally discovered by Steube while he was studying the newly launched WPA3 security standard.

This new WiFi hacking method could potentially allow attackers to recover the Pre-shared Key (PSK) login passwords, allowing them to hack into your Wi-Fi network and eavesdrop on Internet communications.

How to Hack WiFi Password Using PMKID




According to the researcher, previously known WiFi hacking methods require attackers to wait for someone to log into a network and capture a full 4-way authentication handshake of EAPOL, which is a network port authentication protocol.

The new attack, by contrast, no longer requires another user to be on the target network to capture credentials. Instead, it is performed on the RSN IE (Robust Security Network Information Element) using a single EAPOL (Extensible Authentication Protocol over LAN) frame after requesting it from the access point.

Robust Security Network is a protocol for establishing secure communications over an 802.11 wireless network and has PMKID, the key needed to establish a connection between a client and an access point, as one of its capabilities.



Step 1 — An attacker can use a tool, like hcxdumptool (v4.2.0 or higher), to request the PMKID from the targeted access point and dump the received frame to a file.

$ ./hcxdumptool -o test.pcapng -i wlp39s0f3u4u5 --enable_status

Step 2 — Using the hcxpcaptool tool, the output (in pcapng format) of the frame can then be converted into a hash format accepted by Hashcat.

$ ./hcxpcaptool -z test.16800 test.pcapng

Step 3 — Use the Hashcat (v4.2.0 or higher) password-cracking tool to obtain the WPA PSK (Pre-Shared Key) password, and bingo, that's how to hack a WiFi password.

$ ./hashcat -m 16800 test.16800 -a 3 -w 3 '?l?l?l?l?l?lt!'

 

That's the password of the target wireless network; cracking it may take time depending on its length and complexity.

"At this time, we do not know for which carriers or for how many routers this method will work, but we think it'll work against all 802.11i/p/q/r networks with roaming capabilities enabled (most present-day routers)," Steube said.

Since the new WiFi hack only works against networks with roaming functions enabled and requires attackers to brute-force the password, users are advised to protect their WiFi network with a strong password that is hard to crack.

 

This WiFi hack also does not work against the next-generation wireless security protocol WPA3, because the new protocol is "much more difficult to assault due to its present-day key establishment protocol called 'Simultaneous Authentication of Equals' (SAE)."