Berkeley CSUA MOTD:Entry 54277

2011/12/29-2012/2/6 [Computer/Networking, Computer/SW/Security] UID:54277 Activity:nil
12/29   New brute force attack against WPA1/2 base stations based on a flaw
        in WiFi Protected Setup (WPS):

Cache (2313 bytes)
Vulnerability Note VU#723755: WiFi Protected Setup PIN brute force vulnerability

Overview
The WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack. A design flaw in the PIN authentication of the WPS specification significantly reduces the time required to brute force the entire PIN, because it lets an attacker learn when the first half of the 8-digit PIN is correct. The lack of a proper lockout policy after a number of failed PIN attempts on some wireless routers makes the brute force attack that much more feasible.

I. Description
WiFi Protected Setup (WPS) is a computing standard created by the WiFi Alliance to ease the setup and securing of a wireless home network. WPS contains an authentication method called "external registrar" that only requires the router's PIN. By design this method is susceptible to brute force attacks against the PIN. When PIN authentication fails, the access point sends an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that lets an attacker determine whether the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum of the other seven digits. This design greatly reduces the number of attempts needed to brute force the PIN: instead of the 10^8 possible 8-digit PINs (10^7 once the checksum digit is accounted for), the attacker needs at most 10^4 guesses for the first half plus 10^3 for the three free digits of the second half, 11,000 attempts in total. It has been reported that some wireless routers do not implement any kind of lockout policy for brute force attempts, which greatly reduces the time required for a successful attack. It has also been reported that some wireless routers ended up in a denial-of-service condition because of the brute force attempt and required a reboot.

II. Impact
An attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.

III. Solution
We are currently unaware of a practical solution to this problem. Although the following will not mitigate this specific vulnerability, best practices also recommend only using WPA2 encryption with a strong password, disabling UPnP, and enabling MAC address filtering so only trusted computers and devices can connect to the wireless network. Two caveats a practitioner should keep in mind, both raised in the cached discussion below: a MAC address is trivially spoofed, so filtering only stops a casual client, and turning WPS off in the access point's configuration is only a fix if the firmware actually honours the setting, so verify it against the AP rather than trusting the web UI.
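The split verification the note describes, as an added example (this is not code from CERT, from TNS/Reaver or from the researcher): a simulated external-registrar exchange in which the AP either sends EAP-NACK as soon as the first PIN half is wrong (the vulnerable behaviour) or runs the exchange to the end and only then NACKs (the mitigation a commenter proposes in the cached discussion below). The AP class, the PIN 12345670, the PSK string and the message labels are constructed for the example; only the checksum rule is the one from the WPS specification.

```python
"""Simulated WPS external-registrar PIN exchange.

Added example: none of this is CERT, TNS/Reaver or Viehboeck code. The AP
class, the PIN '12345670', the PSK string and the message labels are all
made up for illustration; only the checksum rule follows the WPS spec."""


def wps_checksum(first7: str) -> int:
    """Checksum digit for a 7-digit PIN prefix (WPS spec): the weighted sum
    3*(d1+d3+d5+d7) + (d2+d4+d6) + d8 must be 0 mod 10."""
    d = [int(c) for c in first7]
    accum = 3 * (d[0] + d[2] + d[4] + d[6]) + (d[1] + d[3] + d[5])
    return (10 - accum % 10) % 10


def is_valid_pin(pin: str) -> bool:
    """True if PIN is 8 digits and its last digit is the correct checksum."""
    return len(pin) == 8 and pin.isdigit() and int(pin[7]) == wps_checksum(pin[:7])


def search_space(nack_after_m4: bool) -> int:
    """Worst-case number of PIN attempts an attacker needs.
    With the M4 oracle: 10**4 first halves + 10**3 second halves (the 8th
    digit is fixed by the checksum). Without it: every checksum-valid PIN."""
    return 10**4 + 10**3 if nack_after_m4 else 10**7


class SimulatedAP:
    """Only the registrar-protocol behaviour that matters for the attack.

    After M4 the registrar side has committed to the first PIN half. A
    vulnerable AP answers a wrong first half with EAP-NACK right there; the
    hardened variant (constructed here; it is the mitigation suggested in
    the discussion) runs the exchange to M6 and only NACKs at the end, so
    the attacker cannot tell which half was wrong."""

    def __init__(self, pin: str, psk: str, nack_after_m4: bool = True):
        assert is_valid_pin(pin), "AP PIN must carry a valid checksum"
        self.pin, self.psk, self.nack_after_m4 = pin, psk, nack_after_m4
        self.attempts = 0

    def try_pin(self, pin: str):
        self.attempts += 1
        if self.nack_after_m4 and pin[:4] != self.pin[:4]:
            return "NACK@M4", None      # the oracle: first half is wrong
        if pin != self.pin:
            return "NACK@M6", None      # whole PIN wrong, no hint which half
        return "M7", self.psk           # M7 carries the network credentials


def split_attack(ap: SimulatedAP):
    """Reaver-style attack: fix the first half via the M4 oracle, then walk
    the 1,000 possible second halves. Returns the PSK, or None when the
    oracle is absent (the first half can then not be confirmed)."""
    first_half = None
    for i in range(10**4):
        status, _ = ap.try_pin(f"{i:04d}0000")     # second half is a placeholder
        if status != "NACK@M4":
            first_half = f"{i:04d}"
            break
    if first_half is None:
        return None
    for j in range(10**3):
        first7 = first_half + f"{j:03d}"
        status, psk = ap.try_pin(first7 + str(wps_checksum(first7)))
        if status == "M7":
            return psk
    return None


if __name__ == "__main__":
    for hardened in (False, True):
        ap = SimulatedAP("12345670", "constructed-psk", nack_after_m4=not hardened)
        psk = split_attack(ap)
        print(f"hardened={hardened}: psk={psk!r} after {ap.attempts} attempts "
              f"(worst case {search_space(not hardened):,})")
```

Against the vulnerable AP the PIN 12345670 falls after 1,235 guesses for the first half and 568 for the second; against the hardened AP the same attacker burns its 1,000 second-half guesses on a first half it never actually confirmed, and is left with the full 10^7 space. Note that withholding the NACK removes the oracle but not the weakness of an 8-digit PIN; rate limiting or disabling the external-registrar method is still needed.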
Cache (1476 bytes)
Reaver is a WPA attack tool developed by Tactical Network Solutions that exploits a protocol design flaw in WiFi Protected Setup (WPS). The flaw exposes a side channel against Wi-Fi Protected Access (WPA) versions 1 and 2 that allows extraction of the Pre-Shared Key (PSK) used to secure the network.

WPS allows users to enter an 8-digit PIN to connect to a secured network without having to enter a passphrase. When a user supplies the correct PIN, the access point essentially hands the user the WPA/WPA2 PSK needed to connect to the network. Reaver determines an access point's PIN, then extracts the PSK and gives it to the attacker.

Current attacks against WPA networks involve computing rainbow tables from a dictionary of candidate passphrases and the name (SSID) of the network being attacked. Rainbow tables must be regenerated for each network encountered, because the SSID salts the key derivation, and they only succeed if the passphrase is in the dictionary. Reaver is not restricted by the limitations of traditional dictionary-based attacks: it extracts the WPA PSK from the access point within 4 to 10 hours, and roughly 95% of modern consumer-grade access points ship with WPS enabled by default.

Reaver comes in a free open source version with limited functionality and a commercial version that is user friendly and feature-rich. The following table outlines the differences between the open source project and the commercial offering.
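The per-network limitation of dictionary and rainbow-table attacks that the Reaver page contrasts itself with, as an added example (not TNS/Reaver code): WPA/WPA2 derive the 256-bit PSK from the passphrase with PBKDF2-HMAC-SHA1 salted by the SSID (4096 iterations, per IEEE 802.11i), so a lookup table built for one SSID is useless against another, and useless against any passphrase outside the wordlist. The wordlist and the SSID "HomeNet" are constructed for the example; the passphrase/SSID pair "password"/"IEEE" is the test vector from the 802.11i standard.

```python
"""WPA/WPA2 PSK derivation and a per-SSID lookup-table attack.

Added example, not TNS/Reaver code. The wordlist and the SSID 'HomeNet' are
made up; the derivation itself is the one specified in IEEE 802.11i."""
import hashlib
import secrets


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, dklen=32)


def build_lookup_table(wordlist, ssid: str) -> dict:
    """The precomputation a rainbow/lookup table amounts to: PSK -> passphrase.
    It is bound to one SSID, because the SSID is the PBKDF2 salt."""
    return {wpa_psk(word, ssid): word for word in wordlist}


def dictionary_attack(target_psk: bytes, table: dict):
    """Recover the passphrase behind a known PSK, if the table contains it."""
    return table.get(target_psk)


# Constructed wordlist (a real attack would use a far larger one).
WORDLIST = ["password", "letmein", "sunshine", "qwerty123"]


def demo() -> dict:
    """Runs the three cases the text describes and returns the outcomes."""
    table_ieee = build_lookup_table(WORDLIST, "IEEE")
    # Same passphrase, same SSID as the table: recovered.
    hit = dictionary_attack(wpa_psk("password", "IEEE"), table_ieee)
    # Same weak passphrase, different SSID: the table does not apply.
    other_ssid = dictionary_attack(wpa_psk("password", "HomeNet"), table_ieee)
    # Random passphrase, matching SSID: not in the dictionary, so no hit.
    random_pass = secrets.token_urlsafe(16)
    not_in_dict = dictionary_attack(wpa_psk(random_pass, "IEEE"), table_ieee)
    return {"same_ssid": hit, "other_ssid": other_ssid, "strong_pass": not_in_dict}


if __name__ == "__main__":
    print(wpa_psk("password", "IEEE").hex())
    print(demo())
```

This is exactly what the WPS path sidesteps: once the PIN is known the AP delivers the PSK itself, so neither the SSID salt nor the entropy of the passphrase matters to the attacker.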
Cache (6778 bytes)
I noticed a few really bad design decisions which enable an efficient brute force attack, thus effectively breaking the security of pretty much all WPS-enabled Wi-Fi routers. As all of the more recent router models come with WPS enabled by default, this affects millions of devices worldwide. Brute forcing Wi-Fi Protected Setup - Please keep in mind that the devices mentioned there are just a tiny subset of the affected devices. I would like to thank the guys at CERT for coordinating this vulnerability.

Reply 2: "will be released once I get around to cleaning up the code" For most people this means "never". I'd rather get a chunk of dirty code and try to figure it out than have to try to re-implement this attack from scratch. In fact, since it's such an important part of the paper, arguably the code "not being ready" means the paper isn't, either. But even if you disagree with that, this still leaves people shorthanded verifying a) their devices are vulnerable and b) they've successfully mitigated the problem by turning off the feature. Wouldn't be the first time shoddy firmware says one thing but does another. As such, the only remedy now is to take every last AP offline until someone gets around to releasing a tool to check mitigation.

Reply 3: If the code is not ready, in the interim it would at least be useful to have a way to confirm whether a particular access point implements the "External Registrar" method of WPS. Looking at several of the ones in my possession, it was unclear which ones are affected. One device has the Push Button Connect physical button but it does nothing, and manufacturer documentation says WPS is not implemented and is reserved for future use. Another device has no physical button but implements the "Internal Registrar" method of WPS through the network admin interface, and may also implement the External Registrar method, but I have no way to easily confirm that.

Reply + I tried running your code but it seems not to be working on my system. When I try to run the script it says it can't associate and reports the correct ESSID.

I've only tested it against Atheros ath9k drivers and the Realtek drivers for the Alpha cards, so both of those work fine, but others may not work. Switching to something like lorcon for packet injection will probably fix these types of issues...

The other mitigation that should be recommended is to never send EAP-NACK in response to the first half of the PIN. Always send the second half of the negotiation, and send EAP-NACK in response to the second half of the PIN if either half was incorrect. That brings the required number of brute force attempts back up to 10^7, which means it will take over 150 days to search the entire space with your assumed attack time of 13 seconds per attack, even without any lock down (or 75 days, on average, to find the PIN). Rather than a complete lock down after a few failed attempts, I think it would be better to introduce a delay after receiving a few (5 or 10) failed attempts. This has the advantage that a legitimate client with the correct PIN can still authenticate, even if the device is under a brute force attack. A 30-second delay strikes me as a good compromise between resistance to brute force attacks and responding to legitimate requests. If it's difficult for the attacker to spoof their MAC address, then a per-MAC-address complete lock down is even better. It can provide a much longer average time to find the PIN (a 60-minute lock down after 5 failed attempts leads to a 114-year average time to find the PIN) while still allowing legitimate clients with a different MAC address to authenticate. But if the attacker can send each request with a different MAC address they can bypass the lock down.

Reply + MAC spoofing is trivial -- so trivial that it should never be used as the basis for security. A network card's MAC address can be changed in microseconds, and there are about 281,474,976,711,000 addresses to choose from.

Are you sure that all of these routers leave WPS on all the time? WPS is only supposed to be "on" when the person presses the physical or virtual button on the router to start a WPS transaction. What's supposed to happen is the router only does WPS for a certain window period after the button is pressed on it.

Reply + Yes, I am sure that the PIN - External Registrar option does work all the time. WPS supports different configuration options and only one involves a physical button.

someone would eventually hit the button which was the Linksys logo that wouldn't make you think it was a button when someone just needed to move it out of the way because there were shitty locations for wireless routers). Instead of typing in different PINs for every device, I always thought it was easier to name a wireless network and give it a password with any of the encryption choices offered (just not WPS).

If an AP supports external PIN registration for an unlimited time, that would be a problem regardless of an efficient brute-force attack. However, the claim that this will affect all WPS routers is overreaching. Even in your limited tests you hit one that malfunctioned before letting you in. I know Apple APs don't support adding clients without taking action on the AP, so the "all of the more recent router models come with WPS" claim also goes too far.

to Viehböck, he took a look at WPS and found "a few really bad design decisions which enable an efficient brute force attack, thus effectively breaking the security of pretty much all WPS-enabled Wi-Fi routers." No doubt the various hardware vendors will take a long time to roll out any firmware update. What really worries me is that some only seem to keep updating firmware for a year or two after release and then completely stop, which leaves a lot of kit vulnerable to old exploits that could and should be easily fixed.

I consider it VERY unscholarly to release this paper without backing up your theses by providing your "brute force tool". This would have made verification of your paper possible more easily. Being a scholar yourself you should do better than this.

The vulnerabilities identified by security researcher Stefan Viehböck affect a generous number of WPS-enabled routers and wireless access points.

In its warning, CERT refers to the results of research carried out by security expert Stefan Viehböck, who discovered the flaw in Wi-Fi Protected Setup, that is, in the WPS protocol.

You forgot that "the 8th digit of the PIN is always a checksum" applies also to the raw brute force combination calculations for the whole PIN, not just the calculations for forcing the two parts of the PIN separately, so the maximum possible authentication attempts figure should only have been 10^7, not 10^8.