![]() ) of the access point.Īn attacker can afterwards connect to the access point and perform maliciousĪctivities such as Man-in-the-middle attacks using ARP spoofing, attack clientsĪ script that implements the derivation algorithm has been developed: #!/usr/bin/env python This PIN can then be used to retrieve the current access pointĬonfiguration (including the WPA passphrase) or to change the configuration from 802.11 Beacon Frames) and calculate the default WPS PINįor it. ![]() The serial number can beĪn unauthenticated attacker within the range of the access point can capture The algorithm that generates the default WPS-PIN is entirely based on the MACĪddress (=BSSID) and serial number of the device. A Wi-Fi AP is enabled by default and can beĪccessed with the default WPS PIN (PIN External Registrar) printed on the back These DSL home gateways are manufactured by Arcadyan/Astoria Networks and are Vulnerable version: EasyBox 802 - all versionsĮasyBox 803 - Production date before August 2011įixed version: EasyBox 802 - no vendor patch availableĮasyBox 803 - Production date after August 2011 Title: Vodafone EasyBox Default WPS PIN Algorithm Weakness SEC Consult Vulnerability Lab Security Advisory
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |