Wi-Fi Protected
Access (WPA) is a security protocol used by many wireless
devices like routers, laptops, access points and so on. Stefan
Viehb�ck released a
paper
titled �Brute forcing Wi-Fi Protected Setup� on 26th Dec 2011
detailing vulnerabilities associated with Wi-Fi Protected
Setup (WPS) � which is a feature of WPA which could allow an
attacker to recover the Pre-Shared Key (PSK) associated with
WPA protocol in a few hours very easily.
WPS was launched
somewhere in 2006, but the actual appliances/ devices came
into the market during 2007. In one of
FAQ�s of
Wi-Fi Alliance,
they mention �Wi-Fi Protected Setup is an optional
certification program developed by Wi-Fi Alliance designed to
ease set up of security-enabled Wi-Fi networks in the home and
small office environment.� Simply, WPS allows a user to enter
a 8 digit PIN without having to worry about navigating through
number of cumbersome configuration pages.
On 28th December
2011, Tactical Network Solutions
open sourced a tool code
named Reaver. They claim that with Reaver, WPS enabled router
passphrase can be recovered in 4-10 hours. So far no versions
of Reaver is supported in Windows platform. I�ve tested the
tool on Back Track 5 with following easy steps.
wget
http://reaver-wps.googlecode.com/files/reaver-1.1.tar.gz
(reaver-1.1 is the
latest version at the time of writing this article, which
addresses some known bugs)
Now extract gzip
file
tar zxvf reaver-1.1.tar.gz
Now go to the
directory and configure
cd /reaver-1.1/src
./configure
make
make install
Before
launching Reaver, let�s check the help section. |