Model Based fuzzing of the WPA3 Dragonfly Handshake

Posted on in Security • Tagged with WPA3, Dragonfly, SAE, Fuzzing, libFuzzer, Greybox Fuzzing

The results of my Master thesis named Model based fuzzing of the WPA3 Dragonfly handshake will be quickly discussed in this blog post. No severe vulnerabilities were discovered, mostly due to the limited deployment of WPA3 hardware since it's introduction. However, a DoS vulnerability in iwd was found.


Continue reading

Fuzzing the WPA3 Dragonfly handshake

Posted on in Security • Tagged with wpa3, SAE, Dragonfly, fuzzing

Implementing possible fuzzing strategies with boofuzz against the WPA3 SAE Dragonfly handshake. Dragonfly is the main ingredient of WPA3 certified routers and 802.11 devices.


Continue reading