Friday, December 30, 2011

WiFi Protected Setup (WPS) Is Vulnerable, 2 Bruteforce Tools Unleashed

Two computer security experts and network ninjas discovered that WiFi Protected Setup is vulnerable because it can be brute-forced using WPS pins which allow attackers to retrieve the WPA/WPA2 in less than 10 hours.
Aside from that, two penetration testing tools that cracks routers that have WPS on it have been released, made open source and available for download. These two tools are Reaver and Stefan Viehböck’s PoC Bruteforce Tool. Reaver was released by Tactical Network Solutions and the PoC Bruteforce Tool was obviously developed by Stefan Viehböck. Stefan said that his tool is a bit faster than Reaver but it does not support all Wi-Fi adapters. I haven’t tried Stefan’s tool yet but I was able to play and set Reaver tool in my Backtrack 5 Linux Operating System. 
Reaver version 1.1 has been released last night while I was writing a tutorial on how to set it up. You can download or wget Reaver version 1.1 or 1.0 on this link. And if you want to try Stefan Viehböck’s PoC Bruteforce Tool, you can download it here.

There is no patch yet for this vulnerability so it would be advisable to disable WPS in order to keep it away from your neighbors who are crackers.

About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.