WiFi Protected Setup PIN Brute Force Vulnerability Discovered

Martin Brinkmann
Dec 29, 2011
Security
|
0

Attackers who try to brute force accounts to get system passwords have several options at hand to reduce the time it takes until passwords are found. Most nowadays test the passwords against a dictionary file containing commonly used passwords before they start to test all possible character combinations.

A WiFi Protected Setup (WPS) vulnerability has recently been discovered that reduces the brute forcing time significantly. The vulnerability can be exploited to find out when the first four digits of the eight digit pin are correct. Instead of having to try 108 possible combinations, attackers now have to try 104 + 103 combinations which reduces the attempts from 100 million to 11000 in total.

That's a significant reduction in attempts. Some wireless routers slow down brute force attempts automatically as a security precaution, others do not have those features implemented. The attack may also result in a denial of service condition according to information posted on the US-Cert website.

Attackers can exploit the vulnerability to brute force their way into wireless routers at a much faster pace than before.

The vulnerability can only be patched with a firmware update. While it is likely that newer models will receive an update eventually that patches the flaw, it is unlikely that all affected router models will receive one.

Computer users who are currently using WiFi Protected Setup should disable the feature and configure their router manually instead. It is recommended to switch to WPA2 encryption with a strong password. US-Cert furthermore recommends to disable UPnP and to enable Mac filtering. The latter may keep amateurs at bay, but not professionals.

The vulnerability disclosure page lists vendors that are affected by the vulnerability. The who is who includes D-Link, Netgear, Zyxel, Linksys or Belkin among others.

Setting up a router's wireless connection manually is a challenging experience for less than tech-savvy computer users.

Additional information about the vulnerability can be found at Stefan Viehböck's website. The author promised to release a brute force tool to demonstrate the impact of the vulnerability.

Advertisement

Related content

Intel

Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password
Malwarebytes 5

First look at Malwarebytes 5.0
RustDoor malware targets macOS users by posing as a Visual Studio Update

RustDoor malware targets macOS users by posing as a Visual Studio Update
keys

KeePass 2.56 released: options search and history improvements
70 million account credentials were leaked in a massive password dump

70 million account credentials were leaked in a massive password dump

Previous Post: «
Next Post: «

Comments

There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2024 - All rights reserved