thanks for the video, I always wondered what is it that's preventing me from getting connected to a wifi network without a password. Hope to see some more info videos like this.
Can you do a video on de-auth and disassociation message alone. I am not getting those concept. CWSP text says, it's a notification message. Can you elaborate on that? Btw, your videos are good
Hm, PSK is used as an authentication method, while the rest of the components for the PTK are sent in clear text in 4-way handshake. I'm confused why to use this method for deriving encryption keys. Something like public key exchange would be much more secure (may be like IPsec phase 1).
Hey, very good info.... I have similar issue where my PSK I'm giving on my laptop is correct but the M3 is not generating in the Wireshark packets, suspecting an issue from encryption keys...any help here please?
It's good to be able to see this sort of information come across. Now I understand a little better how wireless devices authenticate. Also, do you think you may be able to do a video on how to clone a repository for linux? I've got a feeling that it would be useful for people who don't have a stable net connection
Thank you for the great explanation. Also I got a question, since this 4-way handshake works based on the EAPoL framework, does it mean in the Message 2 frame, the Supplicant send its PMK (PSK) in this frame as well? So the AP can check if the PSK is correct? If the PMK is correct then the AP will continue the Handshake process and send back the Message 3. If not then the AP terminates the Authentication process. I’m not sure if my understanding is correct
no PMK/PSK is never transmitted over network. Both sides verify that the opposite side knows PMK by calculating MIC over EAPoL packet using generated PTK. If they matches, then they know the oppisite side has calculated same PTK == had PMK
In the future when you're doing these videos can you keep the camera or the video on the screen yes you're very pretty but it doesn't help me learn anything to look at your face I need to see the screen
Good job explaining this handshake! Pretty cool stuff.
Very good in depth explanations.. seeking more and more of this!
thanks for the video, I always wondered what is it that's preventing me from getting connected to a wifi network without a password. Hope to see some more info videos like this.
Can you do a video on de-auth and disassociation message alone. I am not getting those concept. CWSP text says, it's a notification message. Can you elaborate on that? Btw, your videos are good
Hm, PSK is used as an authentication method, while the rest of the components for the PTK are sent in clear text in 4-way handshake. I'm confused why to use this method for deriving encryption keys. Something like public key exchange would be much more secure (may be like IPsec phase 1).
Hey, very good info.... I have similar issue where my PSK I'm giving on my laptop is correct but the M3 is not generating in the Wireshark packets, suspecting an issue from encryption keys...any help here please?
It's good to be able to see this sort of information come across. Now I understand a little better how wireless devices authenticate. Also, do you think you may be able to do a video on how to clone a repository for linux? I've got a feeling that it would be useful for people who don't have a stable net connection
Great video, but where is the fourth way? Was the explanation of the message 4 skipped?
Thank you for the great explanation. Also I got a question, since this 4-way handshake works based on the EAPoL framework, does it mean in the Message 2 frame, the Supplicant send its PMK (PSK) in this frame as well? So the AP can check if the PSK is correct? If the PMK is correct then the AP will continue the Handshake process and send back the Message 3. If not then the AP terminates the Authentication process. I’m not sure if my understanding is correct
no PMK/PSK is never transmitted over network. Both sides verify that the opposite side knows PMK by calculating MIC over EAPoL packet using generated PTK. If they matches, then they know the oppisite side has calculated same PTK == had PMK
Thanks for the explanation!
Thanks for the video! You answered every question I came here with.
Hey man, thanks a lot for this tutorial, it was great, although we missed packet 4 oops, it's ok. Cheers
So a deauth attack would be a way to capture the 4-way handshake, and then be able to decrypt traffic? or would you still need to know the PSK?
You still need to know the PSK
Can't anyone generate PTK of anyone since he can just access the anonce and snonce messages since they are not encrypted???
Yes. As long as they captured those, and know the passphrase. I've done a video on how to use that in Wireshark to look at enctyped traffic.
@@TallPaulTech thank you very much!
Please stay on the screen so we can see wireshark and what you are talking about . I don't care what you look like
I don't care what you care about, so feel free to go and fuck yourself.
@@TallPaulTech you are no better than him...
@@TallPaulTech Oh I'm so sorry that I hurt the narcissist feelings
@@TallPaulTech lol
so who's gon tell him he can pause it?
In the future when you're doing these videos can you keep the camera or the video on the screen yes you're very pretty but it doesn't help me learn anything to look at your face I need to see the screen