

A flaw in WPS, or WiFi Protected Setup, known about for over a year by TNS, was finally exploited with proof-of-concept code. Both TNS, the discoverers of the exploit, and Stefan at .braindump have created their respective "reaver" and "wpscrack" programs to exploit the WPS vulnerability. From this exploit, the WPA password can be recovered almost instantly in plain text once the attack on the access point's WPS is initiated; the attack normally takes 2-10 hours (depending on which program you use).

This exploit defeats WPS via an intelligent brute-force attack on the static WPS PIN. When a PIN is guessed, the router actually reports back whether or not the first four digits (of eight) are correct. The final digit is a check digit used to satisfy a checksum algorithm. This can be exploited to brute force the WPS PIN and allows recovery of the WPA password in an incredibly short amount of time, as opposed to the standard attack on WPA. In this Null Byte, let's go over how to use both tools to crack WPS.
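The PIN structure described above, worked through as an added example (not code from reaver, wpscrack or the original article). It shows why the half-PIN feedback plus the check digit shrinks the search space, and how much an access point lockout policy stretches the worst case. The second half being confirmed separately comes from the public WPS disclosure rather than this page, and the per-attempt time and lockout values are assumptions.

```python
"""WPS PIN layout: 4 digits | 3 digits | 1 check digit (added example)."""


def wps_checksum(first7: int) -> int:
    """Check digit for the first seven PIN digits.

    Digits are weighted 3,1,3,1,... starting from the rightmost digit.
    """
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin: str) -> bool:
    """True if pin is eight ASCII digits and the last one is the check digit."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        return False
    return wps_checksum(int(pin[:7])) == int(pin[7])


def worst_case_guesses(split_feedback: bool) -> int:
    """Upper bound on PIN attempts; the eighth digit is derived, so 7 are free."""
    if split_feedback:
        # First half confirmed on its own (10^4), then the 3 free digits (10^3).
        return 10**4 + 10**3
    return 10**7


def worst_case_hours(guesses: int, seconds_per_attempt: float,
                     lockout_after: int = 0, lockout_seconds: int = 0) -> float:
    """Time to exhaust the space, optionally with a lockout every N failures.

    seconds_per_attempt, lockout_after and lockout_seconds are assumed values
    describing the access point, not figures from the article.
    """
    total = guesses * seconds_per_attempt
    if lockout_after:
        total += (guesses // lockout_after) * lockout_seconds
    return total / 3600


if __name__ == "__main__":
    n = worst_case_guesses(split_feedback=True)
    print(n, "attempts vs", worst_case_guesses(split_feedback=False))
    print("no lockout:", round(worst_case_hours(n, 2.0), 1), "h")
    print("60 s lockout per 3 failures:", round(worst_case_hours(n, 2.0, 3, 60), 1), "h")
```

At an assumed two seconds per attempt the 11,000-attempt bound lands inside the 2-10 hour range quoted above, which is why disabling WPS or enforcing a failure lockout is the relevant mitigation.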
