Sunday 20th April 2014Login | Register
Pages: [1] 2

WPA2 Password Cracking in under 10 hours - WPS Side-channel attack

« on 30/12/2011, 11:16 »
I've seen a few news articles come through in the past 24 hours about a new Wi-Fi attack. It uses an attack on the implementation of WPS (ironically, WiFi Protected Setup) to crack WPA and WPA2 network passwords:

http://nakedsecurity.soph...through-security-feature/
http://isc.sans.edu/diary.html?storyid=12292

Here is a more technical write-up of the vulnerability:
http://sviehb.files.wordp...2011/12/viehboeck_wps.pdf

I won't link to the tool, but there is already some free software around to do this.

Long passwords are no defence against this as it actually cracks an 8 character PIN. Best thing you can do is to search for the model of your router and see if you can disable WPS.

[Moderator's note by Dick (Strat) First and last URLs fixed.

« Last Edit: 30/12/2011, 11:36 by Strat »

Logged
  • Strat
  • Forum Moderator
  • Posts: 16176
  • View Profile
« Reply #1 on 30/12/2011, 11:30 »
WPS appears to be off by default on my Billion 7800N.
Customer and Forum Moderator  Which Plusnet gateway are you on. Click to find out.  and  Dave's Unlimited Traffic Management Blog.
Plusnet Extra.....Stratospheric on PSN playing Call of Duty Ghosts, BF3 and GTA5.
Router Billion Bipac 7800N 1.06h   Data from my weather station
Please support http://www.fairfueluk.com
Logged
  • Oldjim
  • Forum Moderator
  • Posts: 26255
  • View Profile
« Reply #2 on 30/12/2011, 11:56 »
Jim

Old Harry Rocks
Logged
  • Kelly
  • Plusnet Staff
  • *
  • Posts: 3689
  • View Profile
« Reply #3 on 30/12/2011, 11:58 »
We ship all our technicolor routers with WPS off.
Plusnet: Head of Products and Digital Care
Logged
« Reply #4 on 30/12/2011, 12:17 »
I cannot find anywhere in the setup of my BT Voyager 2110 (supplied by Plusnet) to check this setting. Does this mean the router does not have this feature? I know its a few years old but the firmware has been updated during that time.

 www.voyager.bt.com is not responding at present.

« Last Edit: 30/12/2011, 12:58 by alanf »

Logged
« Reply #5 on 30/12/2011, 14:32 »
Isn't WPS a Windows "feature"?


Support via Land-line 0800 432 0200
Logged
« Reply #6 on 30/12/2011, 14:40 »
The Voyager 2110 does not support WPS.

WPS is a wireless specification. Microsoft decided to adopt it within the Windows 7 core wireless functionality, through wireless cards that support it (supply the required API calls to windows).
Phil Richardson
EX Plusnet staff
Please note: replies before Dec 14th 2012 should be taken in the context of my prior employment at Plusnet
Logged
  • Gus
  • Posts: 2498
  • View Profile
« Reply #7 on 30/12/2011, 14:43 »
Buffalo WBMR-HP-GN have it enabled by default
Unlimited from Jan 2013
Logged
« Reply #8 on 30/12/2011, 14:43 »
Thanks Phil. It pays not to be using state-of-the-art kit it seems!
Logged
« Reply #9 on 30/12/2011, 23:07 »
I can't see what the problem is as you need access to the router for this to work. You need to press a button on it to activate WPS. Am I missing something?  Cool
Logged
« Reply #10 on 31/12/2011, 00:25 »
Taken from the first link:

Quote
It has three methods of simplifying the connection of wireless devices to WPA2 protected access points:

Push Button Connect (PBC) requires the user to push a button on the router which allows it to communicate with a client needing configuration. The client attempts to connect and the router simply sends it the security configuration required to communicate.
Client PIN mode is where the client device supports WPS and has a PIN assigned by the manufacturer. You then login to the router's management interface and enter the PIN to authorize that client to obtain the encryption configuration.
Router PIN mode allows a client to connect by entering a secret PIN from a label on the router, or from its management interface which authorizes the client to obtain the security configuration details.
The first method requires physical access, while the second requires administrative access, both of these pass muster. The third however, can be accomplished only through the use of the Wi-Fi radio.

So no you don't need to have physical access to the router.
Logged
« Reply #11 on 31/12/2011, 09:24 »
This doesn't surprise me.  The thinking must have been:

1)  Lets invent a secret password system to protect our wireless networks
2)  Oh dear, some people are too ignorant/stupid to cope with the secret password; lets invent a way of handing out the password even if they can't-remember/don't-know what it is.  And WPS was born.

Now it turns out that the means of handing out the secret password is open to abuse.  Well what a surprise!
Logged
  • purleigh
  • Posts: 3850
  • BDUK said NO to FTTC, stuck with 20CN ADSL
  • View Profile
« Reply #12 on 31/12/2011, 10:19 »
Much like all those Windows users who disable the User login password and use the machine with full administrator privileges at all times !

  Kiss ADSL Unlimited      Angry EAPUR 20CN Market 1    IPv6 6in4 tunnel      Cool 1&1 domains      Wink pfSense
Logged
  • w23
  • Posts: 4042
  • I'm definitely NOT normal, and never have been.
  • View Profile
« Reply #13 on 31/12/2011, 10:38 »
I know someone with a Talk-Talk router that thoughtfully has the WPA2 passcode printed on a label on the side of the router (helpful for users who don't think to look underneath), the router is kept on the front windowsill near the master socket.....     Who needs WPS?  Lips Sealed
Call me 'w23' Wink
At any given moment in the universe many things happen. Coincidence is a matter of how close these events are in space, time and relationship.
Opinions expressed in forum posts are those of the poster, others may have different views.
Logged
« Reply #14 on 04/01/2012, 20:15 »
We ship all our technicolor routers with WPS off.

Am I right in thinking my Thomson TG585 v7 is a Technicolor router?

Cheers!
Logged
  • spraxyt
  • Usergroup Member
  • *
  • Posts: 6743
  • View Profile
« Reply #15 on 04/01/2012, 23:30 »
Yes it is. Technicolor own the Thomson Telecom brand.
Logged
Pages: [1] 2
Jump to:  

Related Sites

Community Apps

Here at Plusnet we're always trying to use clever open source things to make our lives easier. Sometimes we write our own and make other people's lives easier too!

View the Plusnet Open Source applications page

About Plusnet

We're a Yorkshire-based provider selling broadband and phone services to homes and businesses throughout the UK. Winner of the ISPA 2010 'Best Consumer Customer Service ISP' Award, we're proud to offer the UK's best value standalone broadband.

© Plusnet plc All Rights Reserved. E&OE

Powered by SMF | SMF © 2006-2008, Simple Machines LLC

Add to Technorati Favourites