Wi-Fi protected set-up (WPS) Exploit - who's at risk?

GeX · 15 Jan 2012 at 17:38

Agreed J.B.

edscdk said:
wps is a home user thing not a corporate thing, the chances of someone "hacking" into your router using this exploit are almost 0, for every 100,000 people who get a virus and have all their details and passwords stolen 1 will get done with this exploit, the risk is so tiny its almost a non issue (in my mind)

Plenty of small businesses have home or small business grade equipment, so I wouldn't say it's a non-issue. Chances are fairly low, sure, but seems a bit foolish to dismiss it.
You only need to look at the buzz around this exploit to realise that plenty of people are trying it out.

Ev0 · 15 Jan 2012 at 21:38

Had mixed success running Reaver.

Trying to run it against my own wireless router, a Cisco Linksys WAG320N, I get failed to associate messages.

But when trying another in the area (just to see if it connects, not actually attacking it!) it associates fine. No idea what it does after then as I stopped it then.

Don't think it's a wireless driver issue as not had any issues with this USB dongle before.

jaybee · 17 Aug 2012 at 13:40

I only just found out about this. I just hacked my wireless network in 1 hour 10 minutes. The whole process including downloading and ripping a Linux distro live CD, reading a couple of lines of basic reaver code usage and waiting for it to work was under 2 hours.

KIA · 17 Aug 2012 at 13:50

jaybee said:
I only just found out about this. I just hacked my wireless network in 1 hour 10 minutes. The whole process including downloading and ripping a Linux distro live CD, reading a couple of lines of basic reaver code usage and waiting for it to work was under 2 hours.

I managed to gain access to a couple of HH3's before BT rolled out the new firmware. Dangerous, isn't it?

Deleted member 77746 · 17 Aug 2012 at 16:54

jaybee said:
I only just found out about this. I just hacked my wireless network in 1 hour 10 minutes. The whole process including downloading and ripping a Linux distro live CD, reading a couple of lines of basic reaver code usage and waiting for it to work was under 2 hours.

So what did you need to actually have fully access without knowing the password?

I hope wpa2 isn't at risk now. :mad:

EDIT: Just read the artical on life hacker n gosh not good!

deadite66 · 17 Aug 2012 at 16:59

i moved to dd-wrt due to this, doesn't support WPS at all.

BuZ · 17 Aug 2012 at 21:03

It's a good idea. I have WPS enabled on my router, but never use it. I knew there would be possible faults with it. I prefer typing in my own password and have access to the network.

Most BB routers are shipped with default names and passwords. Anyone could hack these with the correct tools and software such as Linux. It's very dangerous and needs improvements before going further with WPS.

Johnnytoxic · 2 Nov 2012 at 12:01

I tested this and there is a few in my apartment block I can exploit. The closest one which was handy had no router lockout and was done in 4 hours. The others lock you out for half an hour after 10 or so attempts, so could take around 20 days. Varies with each router.

The odds of it happening to you is very slim. Also just bought a 6870 card that does 80,000 PMKs /second. Would take about 22days to bruteforce an 8 character uppercase alpha WPA password. Just doing it for the curiosity factor. Its fun.

Johnnytoxic · 4 Nov 2012 at 03:10

208 billion combinations for an all uppercase password. 30days to do.

I'll let you know how it goes.

blueacid · 4 Nov 2012 at 20:36

Johnnytoxic said:
I tested this and there is a few in my apartment block I can exploit. The closest one which was handy had no router lockout and was done in 4 hours. The others lock you out for half an hour after 10 or so attempts, so could take around 20 days. Varies with each router.

The odds of it happening to you is very slim. Also just bought a 6870 card that does 80,000 PMKs /second. Would take about 22days to bruteforce an 8 character uppercase alpha WPA password. Just doing it for the curiosity factor. Its fun.

Is it Reaver also that you're using with your 6870?

I should probably point out that nobody should be doing this to any networks for which they don't have the permission to connect. But penetration testing (fnar) is fine, if you're the network administrator (i.e. if it's your own network)

dfarrall · 4 Nov 2012 at 20:42

blueacid said:
But penetration testing (fnar) is fine.

Why the dislike?

blueacid · 4 Nov 2012 at 20:45

dfarrall said:
Why the dislike?

The dislike? I meant "fnar" to point out the slight innuendo. If it helps, exchange "fnar" for "giggidy" and read it again

V F · 6 Nov 2012 at 19:49

deadite66 said:
in a bind with my router (Netgear dgnd3300v2) anything above .42 firmware DHCP reservation is broken but the disable WPS toggle doesn't stick on .42

fed up with broken netgear firmware, ordered the Buffalo adsl router which dd-wrt supports.

Old post, I know but... after discovering this thread a few days ago, I decided to check Netgear's downloads for this router. As I knew a long time ago that setting would not stick.

The WPS listing no longer displays when searching.

ReleaseNotes_DGND3300v2_fw_2.1.00.54.html said:
DGND3300v2 Firmware Version 2.1.00.54 (WW Users Except NA) 2 May 2012 18:33

New Features Overview:

The Reference Manual has been updated to describe the new features noted below and can be accessed by clicking on the Documentation link in the router management interface (see left pane near the bottom).
Added support for up to four VPN passthrough sessions.
Added support for Schedule-based Wi-Fi On/Off. To invoke this feature go to the Advanced Wireless Settings and check "Turn off wireless signal by schedule" then set the schedule. Please note this feature requires an Internet connection for NTP time sync.
To reduce possibility of errors with the Internet Service Provider password the password is now left in clear text during entry and after being applied.
Added support for Internet Explorer 9.
Modifications and Bug Fixes:

Version 2.1.00.51_1.00.53

Fixed a problem where in some cases Attached Devices were incorrectly detected as UNKNOWN devices.
Fixed a problem with a particular Internet Service Provider which could result in repeated Internet disconnections.
Fixed a problem where router PIN (used with Wi-Fi Protected Setup) could not be disabled.
To Upgrade

To reach the Upgrade menu, click Router Upgrade from the Maintenance section. To upload new firmware:

Download using the button below, saving to a convenient place such as your desktop.
Using a browser, login to the router as admin.
Under Maintenanceclick Router Upgrade.
Click Browse and locate the upgrade (.img) firmware image file you just downloaded
Click Upload. Wait for the upgrade progress bar to complete and final prompt to appear.