That's a fairly significant finding. Can anyone else confirm the existence of devices that still fall to Reaver even when WPS is disabled?
Chris, when you run:

    iw dev wlan0 scan | grep "Config methods"

Do you see a difference in advertised methods?

On Mon, Feb 13, 2012 at 3:58 PM, chris nelson <sleekmountain...@gmail.com> wrote:

> i have tested reaver on a netgear and linksys (don't have model nos. with
> me) with wps disabled and enabled. the wps setting did not matter and both
> were vulnerable. was able to recover wpa2 passphrase in ~4 hrs on both.
>
> On Mon, Feb 13, 2012 at 8:32 AM, Dan Kaminsky <d...@doxpara.com> wrote:
>
>>> Steve while he's often derided goes into this very well. Many cisco's
>>> only stop advertising wps when it is "off" but wps actually still
>>> exists...which means they are still easily hackable.
>>
>> Have you directly confirmed a WPS exchange can occur even on devices that
>> aren't advertising support? That would indeed be a quick and dirty way to
>> "turn the feature off".
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
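Added example, not part of the original thread: a way to make the comparison asked about above repeatable by saving one scan with WPS enabled and one with it disabled, then diffing the advertised WPS fields per BSSID. The function names and the sample captures are constructed, and the field labels are assumed to match what iw prints in its WPS section.

```python
import re

# Field labels as printed in iw's WPS section (assumed; iw's text output is not a stable interface).
BSS_RE = re.compile(r"^BSS ([0-9a-f]{2}(?::[0-9a-f]{2}){5})", re.I)
FIELD_RE = re.compile(r"\* (Wi-Fi Protected Setup State|Config methods|AP setup locked):\s*(.+)")

def parse_wps(scan_text):
    """Map BSSID -> advertised WPS fields; an empty dict means none were advertised."""
    result, current = {}, None
    for line in scan_text.splitlines():
        bss = BSS_RE.match(line)
        if bss:
            current = result.setdefault(bss.group(1).lower(), {})
            continue
        field = FIELD_RE.search(line)
        if field and current is not None:
            current[field.group(1)] = field.group(2).strip()
    return result

def diff_wps(before, after):
    """Compare scans taken before and after WPS was switched off in the admin UI."""
    new_scan, report = parse_wps(after), {}
    for bssid, old in parse_wps(before).items():
        new = new_scan.get(bssid)
        if new is None:
            report[bssid] = "not seen in second scan"
        elif not new:
            report[bssid] = "WPS no longer advertised" if old else "WPS not advertised in either scan"
        elif new == old:
            report[bssid] = "WPS advertisement unchanged"
        else:
            report[bssid] = "WPS advertisement changed"
    return report

# Constructed sample captures, trimmed to the WPS lines (locally administered MACs).
BEFORE = """BSS 02:00:00:00:00:01(on wlan0)
         * Wi-Fi Protected Setup State: 2 (Configured)
         * Config methods: Label, Display, PBC
BSS 02:00:00:00:00:02(on wlan0)
         * Wi-Fi Protected Setup State: 2 (Configured)
         * Config methods: Label, PBC
"""
AFTER = """BSS 02:00:00:00:00:01(on wlan0)
BSS 02:00:00:00:00:02(on wlan0)
         * Wi-Fi Protected Setup State: 2 (Configured)
         * Config methods: Label, PBC
"""
```

A verdict of "WPS no longer advertised" describes only what the access point announces; the question raised in the thread is whether the feature is still active behind that, which this comparison cannot answer.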