WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- WPA2 Password Cracking in under 10 hours - WPS Sid...
WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 11:16 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
http://nakedsecurity.sophos.com/2011/12/30/most-wi-fi-routers-susceptible-to-hacking-through-securit...
http://isc.sans.edu/diary.html?storyid=12292
Here is a more technical write-up of the vulnerability:
http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
I won't link to the tool, but there is already some free software around to do this.
Long passwords are no defence against this as it actually cracks an 8 character PIN. Best thing you can do is to search for the model of your router and see if you can disable WPS.
[Moderator's note by Dick (Strat) First and last URLs fixed.
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 11:30 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
To argue with someone who has renounced the use of reason is like administering medicine to the dead - Thomas Paine
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 11:56 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 11:58 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Ex-Broadband Service Manager
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 12:17 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
www.voyager.bt.com is not responding at present.
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 2:32 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 2:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
WPS is a wireless specification. Microsoft decided to adopt it within the Windows 7 core wireless functionality, through wireless cards that support it (supply the required API calls to windows).
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 2:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 2:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
30-12-2011 11:07 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
31-12-2011 12:25 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote It has three methods of simplifying the connection of wireless devices to WPA2 protected access points:
Push Button Connect (PBC) requires the user to push a button on the router which allows it to communicate with a client needing configuration. The client attempts to connect and the router simply sends it the security configuration required to communicate.
Client PIN mode is where the client device supports WPS and has a PIN assigned by the manufacturer. You then login to the router's management interface and enter the PIN to authorize that client to obtain the encryption configuration.
Router PIN mode allows a client to connect by entering a secret PIN from a label on the router, or from its management interface which authorizes the client to obtain the security configuration details.
The first method requires physical access, while the second requires administrative access, both of these pass muster. The third however, can be accomplished only through the use of the Wi-Fi radio.
So no you don't need to have physical access to the router.
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
31-12-2011 9:24 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
1) Lets invent a secret password system to protect our wireless networks
2) Oh dear, some people are too ignorant/stupid to cope with the secret password; lets invent a way of handing out the password even if they can't-remember/don't-know what it is. And WPS was born.
Now it turns out that the means of handing out the secret password is open to abuse. Well what a surprise!
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
31-12-2011 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
31-12-2011 10:38 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
At any given moment in the universe many things happen. Coincidence is a matter of how close these events are in space, time and relationship.
Opinions expressed in forum posts are those of the poster, others may have different views.
Re: WPA2 Password Cracking in under 10 hours - WPS Side-channel attack
04-01-2012 8:15 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Kelly We ship all our technicolor routers with WPS off.
Am I right in thinking my Thomson TG585 v7 is a Technicolor router?
Cheers!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- WPA2 Password Cracking in under 10 hours - WPS Sid...