{"id":4587,"date":"2023-04-02T11:45:36","date_gmt":"2023-04-02T10:45:36","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=4587"},"modified":"2023-04-02T11:45:36","modified_gmt":"2023-04-02T10:45:36","slug":"ieee-802-11-wi-fi-protokol-ranjivost","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/04\/02\/ieee-802-11-wi-fi-protokol-ranjivost\/","title":{"rendered":"IEEE 802.11 Wi-Fi protocol vulnerability"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">A group of academic researchers has discovered a vulnerability in the <em>IEEE 802.11 Wi-Fi<\/em> protocol that affects a wide range of devices running the <em>Linux<\/em>, <em>FreeBSD<\/em>, <em>Android<\/em> and <em>iOS<\/em> operating systems.<\/span><\/p>\n<div id=\"attachment_4589\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4589\" class=\"size-full wp-image-4589\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/04\/Wi-Fi-Protocol.jpg\" alt=\"Wi-Fi Protocol\" width=\"1024\" height=\"662\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/04\/Wi-Fi-Protocol.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/04\/Wi-Fi-Protocol-300x194.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/04\/Wi-Fi-Protocol-768x497.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/04\/Wi-Fi-Protocol-18x12.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-4589\" class=\"wp-caption-text\"><em>IEEE 802.11 Wi-Fi protocol vulnerability; Design: Sa\u0161a \u0110uri\u0107<\/em><\/p><\/div>\n<h2><strong><span style=\"font-size: 14pt;\">Vulnerability<\/span><\/strong><\/h2>\n<p><span style=\"font-size: 14pt;\">Successful exploitation of the vulnerability could be abused to hijack <em>TCP<\/em> connections or intercept client and Internet traffic. 
This approach abuses the power-saving mechanisms of endpoint devices to trick access points into leaking data in plaintext or encrypting it with an all-zero key.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Simply put, the goal is to leak data from the access point that is destined for a client, by exploiting the fact that most <em>Wi-Fi<\/em> stacks do not properly dequeue or purge their transmit queues when the security context changes.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Exploiting the vulnerability<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Besides manipulating the security context to leak data, an attacker can override the client's security context that the access point uses, in order to receive packets intended for the victim. This attack assumes that the targeted party is connected to a <em>hotspot<\/em>-like network.<\/span><\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\">\u201cThe core idea behind the attack is that the way clients are authenticated is unrelated to the way packets are routed to the correct <em>Wi-Fi<\/em> client. A malicious attacker can abuse this to intercept data towards a <em>Wi-Fi<\/em> client by disconnecting the victim and then connecting under the victim's <em>MAC<\/em> address (using the adversary's credentials). 
Any packets that were still on their way to the victim, such as data from a website the victim was still loading, will now be received by the attacker instead.&#8221;<\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\">&#8211; <a href=\"https:\/\/github.com\/vanhoefm\/macstealer\" target=\"_blank\" rel=\"noopener\"><em>Mathy Vanhoef<\/em><\/a> &#8211;<\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<h4><span style=\"font-size: 14pt;\"><strong>Limited impact<\/strong><\/span><\/h4>\n<p><span style=\"font-size: 14pt;\">In its <a href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-wifi-ffeb-22epcEWu\" target=\"_blank\" rel=\"noopener\">advisory<\/a>, <em>Cisco<\/em> describes the vulnerability as an opportunistic attack in which the information obtained would be of minimal value to an attacker in a securely configured network.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>Cisco<\/em> states that this type of attack could be used against <em>Cisco<\/em> wireless access points and <em>Cisco<\/em> <em>Meraki<\/em> products with wireless capabilities. Devices from <em>Lancom<\/em>, <em>Aruba<\/em>, <em>Asus<\/em> and <em>D-Link<\/em> are also affected.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h5><span style=\"font-size: 14pt;\"><strong>Protection<\/strong><\/span><\/h5>\n<p><span style=\"font-size: 14pt;\">To reduce the likelihood of such attacks, users are advised to implement <em>Transport Layer Security<\/em> (<em>TLS<\/em>) to <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/20\/enkripcija-podataka-istorija-i-osnove-epizoda-1\/\" target=\"_blank\" rel=\"nofollow noopener\">encrypt data<\/a> in transit and to use policy enforcement mechanisms to restrict network access.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>A group of academic researchers has discovered a vulnerability in the IEEE 802.11 Wi-Fi protocol that affects a wide range of devices running the Linux, FreeBSD, Android and iOS operating systems. Vulnerability Successful exploitation of the vulnerability could be abused to&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":4589,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[187,326,186,141,126,327],"class_list":["post-4587","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-android","tag-freebsd","tag-ios","tag-linux","tag-vulnerability","tag-wi-fi"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4587","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=4587"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4587\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/4589"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=4587"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=4587"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=4587"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}