**Vulnerability** WiFi Protected Setup

Discussion in 'Networking, Telephony & Internet' started by callan, Dec 28, 2011.

  1. callan

    callan Member

    Joined:
    Aug 16, 2001
    Messages:
    4,687
    Location:
    melbourne
    Oh joy of joys - looks like a doozey. Disable WPS if you can, guys.

    Strictly speaking, the vulnerability lies within the "WPS – PIN" part of the WPS specification.. but since this is the section of WPS that allows connections WITHOUT physical intervention at the access point itself (in the form of pressing a button) - it's more than just theoretical.

    HERE - via Slashdot..

    On my Cisco WAP4410N, (2.0.4.2 firmware), there is no way of disabling WPS from the web interface - some googling gave me a method via an SSH terminal session, so I'm cool - but if this one pans out, it's going to be rather nasty - WPS is usually enabled on consumer-grade access points/wireless routers.

    Callan
     
    Last edited: Jan 3, 2012
  2. ThunderbirdMoz

    ThunderbirdMoz Member

    Joined:
    May 25, 2010
    Messages:
    1,287
    Location:
    Queensaldn
    Does this make it open to war drivers or over the net?
     
  3. OP
    OP
    callan

    callan Member

    Joined:
    Aug 16, 2001
    Messages:
    4,687
    Location:
    melbourne
    Not really - but it depends entirely on how the AP reacts. If the AP has IDS behavior, it might not be practicable, but if not - it can take less than 2 minutes to get a connection. 11,000 possible combinations is trivial.

    Callan
     
  4. bcann

    bcann Member

    Joined:
    Feb 26, 2006
    Messages:
    5,429
    Location:
    NSW
    why are people using WPS to begin with? its like using the cd that came with your router to setup the username/password for your dsl connection, and almost always inherently insecure.

    Its the first thing i disable along with more then a few other things.
     
  5. Nitephyre

    Nitephyre Member

    Joined:
    Mar 31, 2007
    Messages:
    1,457
    Location:
    ormeau@gc.qld.au
    Tell that to the millions of wl-ap, DLINK, linksys etc SSIDs out there :D
     
  6. bcann

    bcann Member

    Joined:
    Feb 26, 2006
    Messages:
    5,429
    Location:
    NSW
    Don't you mean telstra customers :weirdo:
     
  7. OP
    OP
    callan

    callan Member

    Joined:
    Aug 16, 2001
    Messages:
    4,687
    Location:
    melbourne
  8. DSx2

    DSx2 Member

    Joined:
    Jul 13, 2010
    Messages:
    103
    Location:
    [Newc]
  9. ThunderbirdMoz

    ThunderbirdMoz Member

    Joined:
    May 25, 2010
    Messages:
    1,287
    Location:
    Queensaldn
    The basic code has been open sourced: http://code.google.com/p/reaver-wps/

    Might be good to test your setup if you can roll your own.

    I'm sure the router makers are rushing to release new firmware which disables WPS if it can't be already.
     
  10. qwertylesh

    qwertylesh Member

    Joined:
    Aug 21, 2007
    Messages:
    8,484
    my WAG120N has either Manual or WPS as the wireless mode (radio boxes), luckily its always been set to Manual. So its not enabled by default for mine AFAIK.

    thanks for the heads up tho guys, better safe then sorry etc etc
     
  11. alch

    alch Member

    Joined:
    Oct 9, 2006
    Messages:
    1,541
    Location:
    Perth
    Mwahaha. Im safe. :>
     
  12. Doso

    Doso Member

    Joined:
    Jul 16, 2002
    Messages:
    5,777
    Location:
    [Vic]Melbourne
    looks like WPS is disabled by default on my draytek

    It's time like this I'm thankful I don't have cheap ass router that can't disable WPS
     
  13. HeadShot001

    HeadShot001 Member

    Joined:
    Jan 27, 2005
    Messages:
    22
    Same here, my Draytek has it disabled also. Although any person with enough IT knowledge would have this shit disabled anyway. Without the correct PSK, MAC address and SSID you ain't gettin' into my network!
     
  14. The_Frag_Man

    The_Frag_Man Member

    Joined:
    Dec 12, 2005
    Messages:
    66
    My fritzbox has it disabled by default too. Hooray for expensive modems!
     
  15. Dodge M4S

    Dodge M4S Member

    Joined:
    Jul 31, 2006
    Messages:
    3,224
    Location:
    6061
    How can you tell if you have WPS?
     
  16. Dass Booty

    Dass Booty Member

    Joined:
    Aug 11, 2001
    Messages:
    1,689
    Location:
    Logan, Queensland
    My cheapo Billion 7700N has WPS disabled (by default).

    You should see it as an option under wireless when viewing your modem's config pages. :weirdo:
     
  17. FantoM_CircuiT

    FantoM_CircuiT Member

    Joined:
    Oct 21, 2002
    Messages:
    1,044
    Location:
    Melbourne
    My Billion 7800N had it disabled by default also. Advanced -> Configuration -> LAN -> WPS
     
  18. bbjayo

    bbjayo Member

    Joined:
    Apr 16, 2002
    Messages:
    463
    Location:
    Brisbane
    You don't need an expensive router. Users of Gargoyle, Tomato etc. will be fine also.

    bb
     
  19. daztay

    daztay Member

    Joined:
    Feb 17, 2006
    Messages:
    1,341
    Location:
    Melbourne
    http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars

    I might try this myself
     
  20. qwertylesh

    qwertylesh Member

    Joined:
    Aug 21, 2007
    Messages:
    8,484
    shit >_>
    this is not good D:
     

Share This Page