Saturday, 31 December 2011

Researcher reveals flaw in Wi-Fi Protected Setup

Security researcher Stefan Viehbock has found a major flaw in Wi-Fi Protected Setup that can enable access to PIN-protected networks in just a few hours.
Security researcher Stefan Viehbock has revealed a flaw with Wi-Fi Protected Setup that could enable attackers to brute-force their way into PIN-protected networks in a short period of time. Although WPS-enabled routers can be protected by 8-digit pins, Viehbock’s attack works by exploiting poor design decisions in the WPS handshaking process that reduces the number of possibilities. Instead of having to test 108 combinations, the attack code really only has to try about 11,000.
Viehbock reported the vulnerability to the U.S. Computer Emergency Readiness Team (US-CERT) (which released a vulnerability note yesterday), and earlier this month contacted makers of routers confirmed to be vulnerable to the attack. However, Viehbock says no hotspot makers have issued fixes.
“To my knowledge none of the vendors have reacted and released firmware with mitigations in place,” Viehbock wrote in his blog. Routers affected include models made by D-Link, Belkin, Linksys, Netgear, ZyXel, TP-Link, Technicolor, and Buffalo.
Wi-Fi Protected Setup

You Can Download A Recent Tool Released Which Exploits This Vulnerability HERE


Post a Comment

Related Posts Plugin for WordPress, Blogger...