Printed from http://www.electronista.com

Researchers discover Wi-Fi router PIN vulnerability

updated 12:00 am EST, Wed December 28, 2011

Flaw makes for easier brute-force attacks

The US Computer Emergency Readiness Team (US-CERT) has reportedly issued a warning regarding a vulnerability in Wi-Fi routers that use Wi-Fi Protected Setup (WPS) PINs. The security flaw, which was said to be discovered by security researcher Stefan Viehbock, enables hackers to easily gain access to routers by using brute-force attacks and software tools to guess the PIN codes.

Although routers require users to enter an eight-digit PIN, which should conceal the true number among 100 million possibilities, the current technology is said to effectively weaken the protection down to a point that can be hacked with a maximum of 11,000 attempts.

When a user makes an incorrect PIN guess, the system responds to the client with a message that reportedly provides notification if the first half of the PIN was correct. The message also reveals the last digit of the PIN as a checksum.

"It has been reported that some wireless routers do not implement any kind of lock out policy for brute force attempts," the US-CERT warning said. "This greatly reduces the time required to perform a successful brute force attack."

Viehbock suggests select routers from D-Link, Netgear, Linksys and Buffalo are vulnerable to the brute force attacks. He claims to have been ignored by the hardware vendors, despite developing a Python tool that can break the code in just a few seconds. [via Threat Post]



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News