SlideShare uma empresa Scribd logo

Offline bruteforce attack on WiFi Protected Setup

0
0xcite

Offline bruteforce attack on WiFi Protected Setup

Tecnologia
1 de 21
Baixar para ler offline
Offline bruteforce attack on WiFi Protected Setup Dominique Bongard Founder 0xcite, Switzerland @reversity
§  Protocol aiming at easily connecting to protected WiFi networks §  Two main modes: Push-Button and 8 digit PIN code §  Gives the WPA passphrase to stations providing the right PIN §  Poor design and implementation
Stefan Viehböck
Stefan Viehböck
§  Brute force each half of the PIN §  Maximum 10‘000 tries + 1‘000 tries §  No limitation on number of tries in many AP §  Takes a few hours (depends on the AP) §  Largely slowed down in new devices (lock-out) §  Many AP still sold with WPS PIN activated
STA Nonce E-Hash1 E-Hash2 HMAC AES(HMAC(PIN1),E-S1) AES(HMAC(PIN2),E-S2)
§  If we can guess E-S1 and E-S2, we can the brute force PIN1 and PIN2 offline! §  Pixie dust attack!
§  Usually with pseudo-random generators (PRNG) §  Often insecure PRNG §  No or low entropy §  Small state (32 bits) §  Can the PRNG state be recovered ?
int rand_r( unsigned int *seed ) { unsigned int s=*seed; unsigned int uret; s = (s * 1103515245) + 12345; // permutate seed uret = s & 0xffe00000;// Only use top 11 bits s = (s * 1103515245) + 12345; // permutate seed uret += (s & 0xfffc0000) >> 11;// Only use top 14 bits s = (s * 1103515245) + 12345; // permutate seed uret += (s & 0xfe000000) >> (11+14);// Only use top 7 bits retval = (int)(uret & RAND_MAX); *seed = s; return retval; }
AP Nonce Description PK
§  Linear Congruential Generator §  32 bits state §  No external entropy §  E-S1 and E-S2 generated right after the Nonce
§  Do the WPS protocol up to message M3 §  Get the Nonce from M1 §  Bruteforce the state of the PRNG §  Compute E-S1 and E-S2 from the state §  Decrypt E-Hash1 and E-Hash2 §  Bruteforce Pin1 and Pin2 §  Do the full WPS protocol and get the passphrase
§  Linear Feedback Shift Register (LFSR) §  Broken §  Doesn‘t matter the keys are always NULL !!
§  Some AP have the same state at each boot §  Make a list of common states after reboot §  Attack the AP right after boot
§  Trigger the breakers §  DDOS the AP §  Jam the signal until the target reboots the AP
§  Looks okay §  Uses /dev/random §  Found in Atheros SDK §  But you never know §  Several papers attack the entropy of the linux PRNG in embedded systems
§  It‘s complicated §  Many of the implementations are the reference code for the chipset §  Only the GUI is reskinned §  Therefore many brands are affected §  Many vendors use different chipset §  Even for the same model number
§  Disable WPS now ! §  Reverse engineers: Check other AP for bad PRNG §  Cryptographers: Check if good PRNG are okay

Recomendados

WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
AAA Best Practices
AAA Best PracticesAAA Best Practices
AAA Best PracticesSagar Gor
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingDhrumil Shah
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Varinder Singh Walia
 
IoT - Attacks and Solutions
IoT - Attacks and SolutionsIoT - Attacks and Solutions
IoT - Attacks and SolutionsUlf Mattsson
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 

Recomendados

WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
AAA Best Practices
AAA Best PracticesAAA Best Practices
AAA Best PracticesSagar Gor
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingDhrumil Shah
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Dynamic routing protocols (CCNA)
Dynamic routing protocols (CCNA)Varinder Singh Walia
 
IoT - Attacks and Solutions
IoT - Attacks and SolutionsIoT - Attacks and Solutions
IoT - Attacks and SolutionsUlf Mattsson
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例CRI Japan, Inc.
 
Basic interview question for Ether Channel.
Basic interview question for Ether Channel.Basic interview question for Ether Channel.
Basic interview question for Ether Channel.INFitunes
 
How to use packet tracer
How to use packet tracerHow to use packet tracer
How to use packet tracerYunita Siswanti
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network) Netwax Lab
 
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backendAPIsecure_ Official
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacksApijay Kumar
 
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?IIJ
 
Configuration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur RahmanConfiguration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur RahmanTanjilurRahman6
 
Himanshupptx
HimanshupptxHimanshupptx
HimanshupptxHimanshu Chaurishiya
 
Wireshark入門(2)
Wireshark入門(2)Wireshark入門(2)
Wireshark入門(2)彰 村地
 
VPN
VPNVPN
VPNShiraz316
 
Wps pixie dust attack
Wps pixie dust attackWps pixie dust attack
Wps pixie dust attackinvad3rsam
 
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCAS
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
IOT Presentation Seminar PPT
IOT Presentation Seminar PPTIOT Presentation Seminar PPT
IOT Presentation Seminar PPTHimanshu Jaswal
 
Basics of Maltego
Basics of MaltegoBasics of Maltego
Basics of MaltegoYash Diwakar
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdPavel Odintsov
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik SecurityRofiq Fauzi
 
VLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичамиVLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичамиmikrotik-training
 
Demystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on KubernetesDemystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on KubernetesVMware Tanzu
 
Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupCyber Security Alliance
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream CiphersSam Bowne
 

Mais conteúdo relacionado

Mais procurados

オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例CRI Japan, Inc.
 
Basic interview question for Ether Channel.
Basic interview question for Ether Channel.Basic interview question for Ether Channel.
Basic interview question for Ether Channel.INFitunes
 
How to use packet tracer
How to use packet tracerHow to use packet tracer
How to use packet tracerYunita Siswanti
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network) Netwax Lab
 
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backendAPIsecure_ Official
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacksApijay Kumar
 
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?IIJ
 
Configuration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur RahmanConfiguration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur RahmanTanjilurRahman6
 
Wireshark入門(2)
Wireshark入門(2)Wireshark入門(2)
Wireshark入門(2)彰 村地
 
Wps pixie dust attack
Wps pixie dust attackWps pixie dust attack
Wps pixie dust attackinvad3rsam
 
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCAS
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
IOT Presentation Seminar PPT
IOT Presentation Seminar PPTIOT Presentation Seminar PPT
IOT Presentation Seminar PPTHimanshu Jaswal
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdPavel Odintsov
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik SecurityRofiq Fauzi
 
VLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичамиVLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичамиmikrotik-training
 
Demystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on KubernetesDemystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on KubernetesVMware Tanzu
 

Mais procurados (20)

オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
オープンソースからエンタープライズまで対応可能な新世代LoRaWANプラットフォーム"The Things Stack"とその活用事例
 
Basic interview question for Ether Channel.
Basic interview question for Ether Channel.Basic interview question for Ether Channel.
Basic interview question for Ether Channel.
 
How to use packet tracer
How to use packet tracerHow to use packet tracer
How to use packet tracer
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network)
 
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
2022 APIsecure_Method for exploiting IDOR on nodejs+mongodb based backend
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacks
 
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
【解説】IKE(IIJ Kubernetes Engine):= Vanilla Kubernetes + 何?
 
Configuration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur RahmanConfiguration of lan in cisco packet tracer by TAnjilur Rahman
Configuration of lan in cisco packet tracer by TAnjilur Rahman
 
Himanshupptx
HimanshupptxHimanshupptx
Himanshupptx
 
Wireshark入門(2)
Wireshark入門(2)Wireshark入門(2)
Wireshark入門(2)
 
VPN
VPNVPN
VPN
 
Wps pixie dust attack
Wps pixie dust attackWps pixie dust attack
Wps pixie dust attack
 
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs CollectionCCNA 200-301 IPv6 addressing and subnetting MCQs Collection
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
IOT Presentation Seminar PPT
IOT Presentation Seminar PPTIOT Presentation Seminar PPT
IOT Presentation Seminar PPT
 
Basics of Maltego
Basics of MaltegoBasics of Maltego
Basics of Maltego
 
GoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPdGoBGP : yet another OSS BGPd
GoBGP : yet another OSS BGPd
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik Security
 
VLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичамиVLAN на Mikrotik: принципы работы и стыковка с другими свичами
VLAN на Mikrotik: принципы работы и стыковка с другими свичами
 
Demystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on KubernetesDemystify LDAP and OIDC Providing Security to Your App on Kubernetes
Demystify LDAP and OIDC Providing Security to Your App on Kubernetes
 

Semelhante a Offline bruteforce attack on WiFi Protected Setup

Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupCyber Security Alliance
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream CiphersSam Bowne
 
BlackHat 2009 - Hacking Zigbee Chips (slides)
BlackHat 2009 - Hacking Zigbee Chips (slides)BlackHat 2009 - Hacking Zigbee Chips (slides)
BlackHat 2009 - Hacking Zigbee Chips (slides)Michael Smith
 
One-Wire-Serial-Communication.pdf
One-Wire-Serial-Communication.pdfOne-Wire-Serial-Communication.pdf
One-Wire-Serial-Communication.pdfshamtekawambwa1
 
Serial Peripheral Interface
Serial Peripheral InterfaceSerial Peripheral Interface
Serial Peripheral InterfaceChirag Parikh
 
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...open-e
 
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...open-e
 
Attacking Industrial Remote Controllers (HITB AMS 2019)
Attacking Industrial Remote Controllers (HITB AMS 2019)Attacking Industrial Remote Controllers (HITB AMS 2019)
Attacking Industrial Remote Controllers (HITB AMS 2019)Marco Balduzzi
 
Buffer overflow – Smashing The Stack
Buffer overflow – Smashing The StackBuffer overflow – Smashing The Stack
Buffer overflow – Smashing The StackTomer Zait
 
Buffer Overflow - Smashing the Stack
Buffer Overflow - Smashing the StackBuffer Overflow - Smashing the Stack
Buffer Overflow - Smashing the StackironSource
 
Making multiplayer game with Elixir and Elm
Making multiplayer game with Elixir and ElmMaking multiplayer game with Elixir and Elm
Making multiplayer game with Elixir and Elmnetzke
 
side-channel-kevin2600
side-channel-kevin2600side-channel-kevin2600
side-channel-kevin2600Kevin2600
 
Et4045-3-attacks-2
Et4045-3-attacks-2Et4045-3-attacks-2
Et4045-3-attacks-2Tutun Juhana
 
Micro control idsecconf2010
Micro control idsecconf2010Micro control idsecconf2010
Micro control idsecconf2010idsecconf
 
Spi master core verification
Spi master core verificationSpi master core verification
Spi master core verificationMaulik Suthar
 
63071507 interrupts-up
63071507 interrupts-up63071507 interrupts-up
63071507 interrupts-uptt_aljobory
 
Arduino Platform with C programming.
Arduino Platform with C programming.Arduino Platform with C programming.
Arduino Platform with C programming.Govind Jha
 
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...open-e
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processorPriyanka Aash
 

Semelhante a Offline bruteforce attack on WiFi Protected Setup (20)

Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setup
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream Ciphers
 
BlackHat 2009 - Hacking Zigbee Chips (slides)
BlackHat 2009 - Hacking Zigbee Chips (slides)BlackHat 2009 - Hacking Zigbee Chips (slides)
BlackHat 2009 - Hacking Zigbee Chips (slides)
 
Remote tanklevelmonitor
Remote tanklevelmonitorRemote tanklevelmonitor
Remote tanklevelmonitor
 
One-Wire-Serial-Communication.pdf
One-Wire-Serial-Communication.pdfOne-Wire-Serial-Communication.pdf
One-Wire-Serial-Communication.pdf
 
Serial Peripheral Interface
Serial Peripheral InterfaceSerial Peripheral Interface
Serial Peripheral Interface
 
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...
Open-E DSS V6 Synchronous Volume Replication with Failover over a LAN with Un...
 
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...
Open-E DSS V6 Synchronous Volume Replication With Failover over a LAN with Br...
 
Attacking Industrial Remote Controllers (HITB AMS 2019)
Attacking Industrial Remote Controllers (HITB AMS 2019)Attacking Industrial Remote Controllers (HITB AMS 2019)
Attacking Industrial Remote Controllers (HITB AMS 2019)
 
Buffer overflow – Smashing The Stack
Buffer overflow – Smashing The StackBuffer overflow – Smashing The Stack
Buffer overflow – Smashing The Stack
 
Buffer Overflow - Smashing the Stack
Buffer Overflow - Smashing the StackBuffer Overflow - Smashing the Stack
Buffer Overflow - Smashing the Stack
 
Making multiplayer game with Elixir and Elm
Making multiplayer game with Elixir and ElmMaking multiplayer game with Elixir and Elm
Making multiplayer game with Elixir and Elm
 
side-channel-kevin2600
side-channel-kevin2600side-channel-kevin2600
side-channel-kevin2600
 
Et4045-3-attacks-2
Et4045-3-attacks-2Et4045-3-attacks-2
Et4045-3-attacks-2
 
Micro control idsecconf2010
Micro control idsecconf2010Micro control idsecconf2010
Micro control idsecconf2010
 
Spi master core verification
Spi master core verificationSpi master core verification
Spi master core verification
 
63071507 interrupts-up
63071507 interrupts-up63071507 interrupts-up
63071507 interrupts-up
 
Arduino Platform with C programming.
Arduino Platform with C programming.Arduino Platform with C programming.
Arduino Platform with C programming.
 
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...
Step-by-Step Guide to NAS (NFS) Failover over a LAN (with unicast) Supported ...
 
Demystifying Secure enclave processor
Demystifying Secure enclave processorDemystifying Secure enclave processor
Demystifying Secure enclave processor
 

Último

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Offline bruteforce attack on WiFi Protected Setup

  • 1. Offline bruteforce attack on WiFi Protected Setup Dominique Bongard Founder 0xcite, Switzerland @reversity
  • 2. §  Protocol aiming at easily connecting to protected WiFi networks §  Two main modes: Push-Button and 8 digit PIN code §  Gives the WPA passphrase to stations providing the right PIN §  Poor design and implementation
  • 3.
  • 4.
  • 7. §  Brute force each half of the PIN §  Maximum 10‘000 tries + 1‘000 tries §  No limitation on number of tries in many AP §  Takes a few hours (depends on the AP) §  Largely slowed down in new devices (lock-out) §  Many AP still sold with WPS PIN activated
  • 8.
  • 10. §  If we can guess E-S1 and E-S2, we can the brute force PIN1 and PIN2 offline! §  Pixie dust attack!
  • 11. §  Usually with pseudo-random generators (PRNG) §  Often insecure PRNG §  No or low entropy §  Small state (32 bits) §  Can the PRNG state be recovered ?
  • 12. int rand_r( unsigned int *seed ) { unsigned int s=*seed; unsigned int uret; s = (s * 1103515245) + 12345; // permutate seed uret = s & 0xffe00000;// Only use top 11 bits s = (s * 1103515245) + 12345; // permutate seed uret += (s & 0xfffc0000) >> 11;// Only use top 14 bits s = (s * 1103515245) + 12345; // permutate seed uret += (s & 0xfe000000) >> (11+14);// Only use top 7 bits retval = (int)(uret & RAND_MAX); *seed = s; return retval; }
  • 14. §  Linear Congruential Generator §  32 bits state §  No external entropy §  E-S1 and E-S2 generated right after the Nonce
  • 15. §  Do the WPS protocol up to message M3 §  Get the Nonce from M1 §  Bruteforce the state of the PRNG §  Compute E-S1 and E-S2 from the state §  Decrypt E-Hash1 and E-Hash2 §  Bruteforce Pin1 and Pin2 §  Do the full WPS protocol and get the passphrase
  • 16. §  Linear Feedback Shift Register (LFSR) §  Broken §  Doesn‘t matter the keys are always NULL !!
  • 17. §  Some AP have the same state at each boot §  Make a list of common states after reboot §  Attack the AP right after boot
  • 18. §  Trigger the breakers §  DDOS the AP §  Jam the signal until the target reboots the AP
  • 19. §  Looks okay §  Uses /dev/random §  Found in Atheros SDK §  But you never know §  Several papers attack the entropy of the linux PRNG in embedded systems
  • 20. §  It‘s complicated §  Many of the implementations are the reference code for the chipset §  Only the GUI is reskinned §  Therefore many brands are affected §  Many vendors use different chipset §  Even for the same model number
  • 21. §  Disable WPS now ! §  Reverse engineers: Check other AP for bad PRNG §  Cryptographers: Check if good PRNG are okay