WPA3 Downgrade attack
WLAN configured for WPA3 SAE with backward compatibility
Confirmation via airodump-ng
Create a rouge access point that will broadcast an RSN IE of WPA2
Start airodump-ng before running the fake AP
Start fake AP
Clients are already trying to auth against the fake AP
The fake AP does not know the correct PSK, but the client and AP will exchange a few frames. The four-way hand-shake was captured
Attempt to retrieve the PSK via a dictionary attack
Script to execute the scenario
Resources
Last updated