whiteknight

Members
  • Posts

    3
  • Joined

  • Last visited

whiteknight's Achievements

Newbie (1/14)

  1. Short answer: I have no information. However, the Tetra currently supports 2.4 and 5 GHz Wi-Fi. So, barring a radical change in the frequency plan from the FCC, the old product only needs software updates, currently available via SSH. I feel confident that Hak5 has perfected the tool to where they want it and have moved on to other projects. Even WPA3 (available in 2018, lol) is just a software update away from being available on dumb radios.
  2. Yeah, "here's an executable, you run it" is not a great approach. I have seen a "killswitch" in action, deployed en masse. You want to hook the .dll (possibly even replace the Windows version of the .dll). By grabbing it at the OS level there is a less noticeable action/reaction to the plugging in of USB devices. If the machine just turns off the port/device, then mitigation has occurred. Have Windows log the time, the users logged into the machine, and other details for automated reporting. The "attacker," who could be a disgruntled employee, will think the machine is locked down, or even that his attack was successfully silent.
  3. So the easy answer is there is no "footprint": both the PMKID and 4-way EAPOL attacks are based around "capturing" the bits in question. This means your radio must hear the communications and your software must record the information. The tools from the -ng suite are acceptable pieces of software for this type of attack. Your question of "footprint" is really a question of speed. Here is how that breaks down. The PMKID is contained within the 4-way EAPOL, so getting the EAPOL or the PMKID is entirely the same. A deauth attack is the noisy way to cause a reconnect to occur. However, these packets do occur naturally when a device joins the network, thus it is possible to capture an EAPOL or PMKID without sending a single packet from your radio. Reconnects happen around a human schedule. Engaging a business? Just listen between 1130 and 1400; someone will head off campus for lunch. Engaged in a neighbourhood? Just listen between 1600 and 2000 to capture someone coming home from work. These reconnections will occur naturally and thus leave no "footprint" because you never sent a single electron. BackTrack had a motto: "the quieter you are, the more you will hear." Combine that with social engineering and you can capture your target packets.