also here: http://www.backtrack-linux.org/forums/showthread.php?t=47038 and here: http://adaywithtape.blogspot.com/2012/01/cracking-wpa-using-wps-vulnerability.html
On Mon, Feb 13, 2012 at 4:09 PM, chris nelson <sleekmountain...@gmail.com>wrote: > i believe that disabling wps on router still leaves some routers > vulnerable was reported on before. > from > http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars > "Having demonstrated the insecurity of WPS, I went into the Linksys' > administrative interface and turned WPS off. Then, I relaunched Reaver, > figuring that surely setting the router to manual configuration would block > the attacks at the door. But apparently Reaver didn't get the memo, and the > Linksys' WPS interface still responded to its queries—once again coughing > up the password and SSID. " > > the testing i did was in early-mid jan, ill verify my findings again. at > work now, but will let you know about config methods. > > > On Mon, Feb 13, 2012 at 2:57 PM, Dan Kaminsky <d...@doxpara.com> wrote: > >> That's a fairly significant finding. Can anyone else confirm the >> existence of devices that still fall to Reaver even when WPS is disabled? >> >> Chris, when you run: >> >> iw scan wlan0 | grep “Config methods” >> >> Do you see a difference in advertised methods? >> >> >> On Mon, Feb 13, 2012 at 3:58 PM, chris nelson <sleekmountain...@gmail.com >> > wrote: >> >>> i have tested reaver on a netgear and linksys (dont have model nos. with >>> me) with wps disabled and enabled. the wps setting did not matter and both >>> were vulnerable. was able to recover wpa2 passphrase in ~4 hrs on both. >>> >>> >>> >>> >>> On Mon, Feb 13, 2012 at 8:32 AM, Dan Kaminsky <d...@doxpara.com> wrote: >>> >>>> Steve while he's often derided goes into this very well. Many cisco's >>>>> only stop advertising wps when it is "off" but wps actually still >>>>> exists...which means they are still easily hackable. >>>>> >>>> >>>> Have you directly confirmed a WPS exchange can occur even on devices >>>> that aren't advertising support? That would indeed be a quick and dirty >>>> way to "turn the feature off". >>>> >>>> >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>> >>> >>> >> >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/