Developers of the popular password recovery tool Hashcat have identified a new method that can in some cases be used to obtain a network’s Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access II (WPA2) password.
Jens ‘Atom’ Steube, the lead developer of Hashcat, revealed that the new attack method was discovered by accident during an analysis of the recently launched WPA3 security standard.
According to Steube, the main difference between the new and older attacks is that the new method does not require capturing a full 4-way handshake of Extensible Authentication Protocol over LAN (EAPOL), which is a network port authentication protocol. Instead, the attack targets the Robust Secure Network Information Element (RSN IE).
Source: Eduard Kovacs | SecurityWeek.Com