Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 38

Thread: WPS Vulnerability

  1. #11
    Just burned their ISO MI1c00k's Avatar
    Join Date
    Jul 2011
    Location
    Slovakia
    Posts
    9

    Default Re: WPS Vulnerability

    Gentlemans, take a look at WPScrack too. It’s a bit faster than Reaver, but will not work with all Wi-Fi adapters.

  2. #12
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    1

    Default Re: WPS Vulnerability

    I know little about linux but even I was able to crack a test AP using reaver (go me). The AP used WPA2, it took about 6 hours to crack in total. Not bad at all. I had a couple questions:

    1) The AP lists 3 options under the WPS section 1) push botton, 2) PIN, and a third option. See this pic. Since it was set to "push button" and not the pin option, why would the crack by pin still work?





    2) The PIN was set to 1234570. Im surprised reaver didnt try something like this first! My question is is there a way to enter the WPS PIN manually? I want to try other AP's i have to see if theyre set to 12345670, how would i do this ??

    thnks

  3. #13
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: WPS Vulnerability

    hi,
    i'testing reaver-1.2 vs. tp-link (my-syster) after 6 hours (BT5-hdd-R132) had success!
    The Same tests on my 64-bits do not work !!!!! (why?)
    bye!

  4. #14
    Just burned his ISO FettMaster's Avatar
    Join Date
    Jan 2011
    Posts
    8

    Default Respuesta: WPS Vulnerability

    I test it and get de Wps Key in 5 hrs. Now how I connect? WICD doesnt acept the key!

  5. #15
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: WPS Vulnerability

    I am seeing this on my 64 bit Ubuntu install as well.

    Quote Originally Posted by zimmaro View Post
    hi,
    i'testing reaver-1.2 vs. tp-link (my-syster) after 6 hours (BT5-hdd-R132) had success!
    The Same tests on my 64-bits do not work !!!!! (why?)
    bye!
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  6. #16
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    2

    Default Re: WPS Vulnerability

    Dragorn has included an alert for reaver type WPS bruteforce attacks, in the latest SVN of kismet.
    Announcement here : http://blog.kismetwireless.net/2012/...force-ids.html

    Screendump of alert :

    Dutch

  7. #17
    Junior Member DeadlyFoez's Avatar
    Join Date
    Jul 2009
    Posts
    42

    Default Re: WPS Vulnerability

    I'm sure this isn't the case but does anyone know if there may be a pattern or range to the pins that certain manufactures use, or are they randomly issued?
    If at first you don't succeed, keep sucking until you do suck seed. --Curly

  8. #18
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: WPS Vulnerability

    The router I'm now connected on has a "Generate" button that always generates a different WPS PIN. Even after resetting the router a couple of times, the PIN changes, leading me to believe they are randomly used.

  9. #19
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: WPS Vulnerability

    I just wanted to confirm Barry's post of 30-12-2011
    Hey guys, try this. Set your target AP to do mac authentication, then spoof the correct mac.
    Now see if reaver ever associates. Mine doesn't.
    I am experiencing the same thing with my tests, either association fails, or continuous
    timeouts. In any case no progress with the cracking.

    Checking with wireless: Atheros wireless chip, ath5k driver.
    Checking on router: Linksys E1000 v2.0 firmware v2.0.01

    For reference the ath5k did work for the crack, although it did take a while.

    http://adaywithtape.blogspot.com/201...erability.html

    Very scary indeed actually..


    Can this behaviour be confirmed by others ?
    Last edited by TAPE; 01-19-2012 at 09:57 AM. Reason: Link included to blogpost

  10. #20
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Default Re: WPS Vulnerability

    I did some experimenting with the 3 routers that I have readily available. Yes they are mine and not my neighbors so I was able to test both the default configs and other options. My test did confirm that with my linksys router WPS was enabled regardless of what the web interface settings said. Here are my tests and results.

    1. DDWRT router- WPS not enabled by defualt. I couldn't find any options to enabled it.

    2. Linksys WRT120N- WPS enabled by default. After changing WPS to off in interface it was still enabled.

    3. Verizon Fios Actiontec ml424-WR- WPS not enabled by default. Also no way to enabled it in the we interface. WEP was on by default however...

Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. Vulnerability scanners?
    By cRaZylilmuffin in forum OLD Newbie Area
    Replies: 5
    Last Post: 12-24-2009, 09:34 PM
  2. Help with where to start looking in to a vulnerability
    By watcher_60 in forum OLD Newbie Area
    Replies: 2
    Last Post: 11-20-2009, 02:31 PM
  3. WPA (tkip) vulnerability
    By B@Rz- in forum Angolo Wireless
    Replies: 9
    Last Post: 11-07-2009, 12:57 PM
  4. vulnerability scanning
    By ycpc55 in forum OLD Newbie Area
    Replies: 11
    Last Post: 05-06-2009, 07:45 AM
  5. About the famous DNS vulnerability.
    By imported_demente in forum OLD Specialist Topics
    Replies: 5
    Last Post: 08-31-2008, 09:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •