What can someone do after discovering a "exploit"?

[hannah]

Ok.. done some further study...And this algorithm definitely works with Thomson TG585 v7 router. I have calculated WPA PSK manually as well as with this python script http://pastebin.com/tjV2RZ23 and it matches.

I am now talking about Thomson TG585 v8

Here is an output of wps2key for TG585 v8:

Code:

root@bt:~/scripts/wpstools# ./wps2key.py -i mon0
WARNING: No route found for IPv6 destination :: (no default route?)

BSSID: 08:76:FF:10:4B:D4
ESSID: Thomson104BD4
----------------------------------------------------------
Version                           : 0x10
WPS State                         : 0x02
Response Type                     : 0x03
UUID-E                            : 0x71a8e7f061795361a4c9736bfc330c12
Manufacturer                      : THOMSON
Model Name                        : Thomson TG
Model Number                      : 585 v8
Serial Number                     : 1040SF3DH
DEFAULT KEY                       : 9438086AB8
Primary Device Type               : 0x00060050f2040001
Device Name                       : Thomson TG585 v8
Config Methods                    : 0x0084
RF Bands                          : 0x03

I also have calculated the default key manually and had arrived with the following sha-1 hash
9438086ab83e2d16eaffccd167f4c0ef6aa6feae

So far so good except this is the not the printed WPA PSK key..

Here is the details printed on the sticker on the modem:

Mac: 08:76:FF:10:0E:81 (Note the difference in MAC Address, I was rather surprised)
Access Key: NRMWF6EN
S/N: CP1040SF3DH
WPA Key: CA0CFFE8B2

Note the Key which is printed is different from what was calculated.

So the question is what is the new algorithm and is there something I am doing here wrong.

Reagrds

[ternarybit]

No! I'm not that smart Back in April 2008, Kevin Devine discovered that flaw (calculating the default password from the serial number) and created a PoC where you can calculate all possible default passwords based on the last 6 chars of the default SSID. Around 2009/2010, Thomson (I guess) fixed this issue by changing the last chars of the SSID to the last 6 chars of the AP's MAC address. This fixed the vulnerability found by Kevin, but I discovered that the router freely announces it's serial number through WPS. So I just had to check Kevin's discovery on how to calculate the default password from the serial number and ta-da! Vulnerability found. If you want, you can read more about Kevin's findings in the link posted by hannah. If you want a more hardcore explanation, you can read it here:

Code:

http://www.hakim.ws/st585/KevinDevine/

Cheers!

Thanks for the info! It's amazing he was able to reverse-engineer the setup installer to arrive at the conclusion.

I'm most interested in this topic because I'm working on the exact same task with AT&T Uverse router configurations. I posted my progress in http://www.backtrack-linux.org/forum...ad.php?t=50963 this thread.

I'm pretty sure the default WPA PSK is derived from the BSSID somehow, because the serial number is just the decimal form of the BSSID. Using some kind of hashing function makes sense, because it's easy to ensure uniform output. I don't think there is any setup executable available for these routers, but I'm excited to try some different hashing methods to see what I get.

[Snayler]

[CODE]Mac: 08:76:FF:10:0E:81 (Note the difference in MAC Address, I was rather surprised)
Access Key: NRMWF6EN
S/N: CP1040SF3DH
WPA Key: CA0CFFE8B2

Note the Key which is printed is different from what was calculated.

So the question is what is the new algorithm and is there something I am doing here wrong.

Reagrds

No, you're doing it right. That router has the new algorithm, you can check it by looking at the serial number, if it starts with 10 (means it was made in 2010) it will probably not be vulnerable (early 2010 routers are still exploitable). They started using the new algorithm on new routers and as far as I know, this new algorithm is not known.

Thanks for the info! It's amazing he was able to reverse-engineer the setup installer to arrive at the conclusion.

I'm most interested in this topic because I'm working on the exact same task with AT&T Uverse router configurations. I posted my progress in http://www.backtrack-linux.org/forum...ad.php?t=50963 this thread.

I'm pretty sure the default WPA PSK is derived from the BSSID somehow, because the serial number is just the decimal form of the BSSID. Using some kind of hashing function makes sense, because it's easy to ensure uniform output. I don't think there is any setup executable available for these routers, but I'm excited to try some different hashing methods to see what I get.

We currently have a case in my country where someone was able to dump the algorithm from a router distributed by a major ISP. The instructions are in Assembly for ARM and there is a community trying to reverse-engineer the instructions. So far it is known that the code is calculating the wpa-key based on the router's MAC address. I believe Thomson is using a similar technique on their new algorithm.

[hannah]

Code:

root@bt:~/scripts/wpstools# ./wps2key.py -i mon0

BSSID: 08:76:FF:10:4B:D4
ESSID: Thomson104BD4

(IMHO) the PSK key will be derived from the MAC address of the router as the ESSID is derived from the MAC address. Still a guess work though. It was mentioned in Post #12 anyway.

[hannah]

Found related discussion here:
http://translate.googleusercontent.c...n-vtEY6KdnQJEA

And the prog here:

http://packetstormsecurity.org/files...tkeygen.tar.gz

cheers

Hannah

[msramalho]

Hi again! Someone edited the wpscan.py script to include the hash calculations for Thomson routers. If you want to give it a try, here's the modified code:
pastebin - wps2key.py

Could you please tell me how to use this? Or report me to a place where i can learn

[thorin]

Snayler,
pentrite,

English.... Learn it. Your grammar sucks.

At least it made me learn a new word, whether me meant to or not http://dictionary.reference.com/browse/evolute

[Snayler]

Could you please tell me how to use this? Or report me to a place where i can learn

You can use it with your BT distro. Just download, and issue the following commands on a terminal (I'll assume you have root, so no need for sudo):

Code:

cd /directory/of/downloaded/wpscan/
cp ./wpscan.py /usr/bin/wpscan
chmod +x /usr/bin/wpscan

After this, you can type "wpscan" into your terminal window and use the program.

[daedalus1776]

Could you please tell me how to use this? Or report me to a place where i can learn

Sure. Link: www.google.com

[msramalho]

Sure. Link: www.google.com

Of course I tried that first.