Wi-Fi Protected Setup (WPS)

WPS is a network security standard to create a secure wireless home network. It was created in order to allow end users to add devices to the network without entering long passwords.kb17336-001_en_v9

After you press the button on the router, you can easily connect to it by also clicking the WPS Push Button on your phone. Once the router recognizes the device, it securely transmits the data needed to associate with the access point to the phone.
screenshot_20170211-213336

From a non-technical standpoint, this seems very simple, but there are various vulnerabilities that can be exploited in this wireless standard.

If anyone gets physical access to your router and connects with WPS, you can recover the actual passphrase from it. Using a rooted Android phone and a password recovery app, you can select a network and view the passphrase.

download

Another big vulnerability is the ability for hackers to remotely brute force the WPS pin needed to connect. This is due to the fact that a WPS pin has only 8 numbers, and defines the number of possibilities there are to try.

By using an external Wi-Fi card and a Linux distro such as Kali-Linux, you can easily setup tools such as Reaver and High Touch WPS Breaker (HTWPS). These two tools take advantage of unsecured routers with old firmware to brute force the WPA key.

high-touch-wps-breaker

After typing 01, the software will return a list of networks that are open to the attack. Due to the fact that many manufacturers ship routers with this enabled, the list is often very long.

wps

In the image above, you see the PIN that has been returned. By using a tool called Bully, Kali Linux can retrieve the original password.

As you can see, WPS compromises security in exchange for convenience. A good security practice would be to disable this setting in your router settings page. This will block the hardware button from functioning and keep you safe from attacks.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s