Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Wps pixie dust attack


Published on

Wi-Fi Protected Setup - Pixie Dust Attack. An offline bruteforce attack that leaves certain routers vulnerable. Works for Boardcom and Ralink chipset based Wi-Fi routers.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Wps pixie dust attack

  1. 1. WPS Pixie Dust Attack Sumit Shrivastava
  2. 2. Myself  Sumit Shrivastava – Security Analyst @ Network Intelligence India Pvt. Ltd.  2.5+ years of work experience in the field of Digital Forensics and Assessment  Certifications  Computer Hacking and Forensics Investigator v8, EC-Council  Certified Professional Forensics Analyst, IIS Mumbai  Certified Professional Hacker NxG, IIS Mumbai  Certified Information Security Consultant, IIS Mumbai  Certified Information Security Expert – Level 1, Innobuzz Knowledge Solutions  Once upon a time Android and Web Developer
  3. 3. Today’s takeaway  Introduction to WPS  Terminology  WPS Pin Formats  WPS Negotiation Process  Types of attacks on WPS  Diving into Pixie Dust  P0wning the WiFi Router - Demonstration
  4. 4. Introduction to WPS  Wi-Fi Protected Setup (WPS, Wi-Fi Simple Config)  Uses PIN Method to secure wireless home network  Created by Wi-Fi Alliance, introduced in 2006  Goal – to allow the home users, who know very little about the wireless security, to add new devices  Major security flaw revealed in December 2011  Allowed brute-force the WPS Pin  SEVERELY BROKEN PROTOCOL!!!
  5. 5. Terminology  Enrollee: A device seeking to join a WLAN domain  Registrar: An entity with the authority to issue WLAN credentials  External Registrar: A registrar that is separate from the AP  AP: An infrastructure mode 802.11 Access Point Note:- AP and client device may change roles i.e. AP acts as Enrollee and Client Device acts Registrar, when WPS is used to configure the access point
  6. 6. WPS Pin A WPS Pin looks like This is what your Wi-Fi Router has at its back label
  7. 7. WPS Pin Format
  8. 8. WPS Negotiation Process  M1 – 128-bit random nounce generated by Enrollee (N1||PKE)  M2 – 128-bit random nounce generated by Registrar (N1||N2||PKR||Auth). Auth = HMAC (M1||M2)  M3 – E-Hash1 (E- S1||PSK1||PKE||PKR) OR E- Hash2 (E- S2||PSK2||PKE||PKR)
  9. 9. Type of Attacks on WPS  Online Brute-force  Offline Brute-force  Physical Attack
  10. 10. Diving into Pixie Dust  What you require?  Hashes -> E-Hash1 and E-Hash2  Public Keys -> PKE, PKR  Authkey  E-Nounce (Enrollee Nounce)  Flaw is in the E-S1 and E-S2 generation which are Psudo-Random Numbers  Dominique Bongard, found many AP use insecure PRNG  Broadlink -> c.rand()  Ralink -> E-S1 and E-S2 are never generated, hence they are always 0  If PRNG state is recovered, E-S1 and E-S2 can be calculated  PSK1 and PSK2 can be calculated from E-Hash1 and E-Hash2  To successfully complete this attack, negotiation should complete within 1 second
  11. 11. P0wning the Wi-Fi router :~# airmon-ng check kill :~# airmon-ng start <WIFI_INTERFACE> :~# wash –i <MONITOR_INTERFACE> :~# reaver –i <MONITOR_INTERFACE> -b <BSSID> -c <CHANNEL> -vv –K 1
  12. 12. P0wned
  13. 13. References    current/src/external/bsd/wpa/dist/hostapd/README-WPS     https://www.wi-
  14. 14. Questions? Thank you