THEORY BEHIND CRACKING WPA/WPA2 - WPS ENABLED NETWORKS
WPS is a feature that lets users connect to WPS-enabled networks
easily, by pressing a WPS button or just by clicking the WPS option.
Authentication is done using an 8-digit PIN. This means there is a
relatively small number of PIN combinations, and using brute force
we can guess the PIN in less than 10 hours.
A tool called reaver can then recover the WPA/WPA2 key from the PIN.
Note: This flaw is in the WPS feature and not in WPA/WPA2; however,
it allows us to crack any WPS-enabled WPA/WPA2 AP without using a
wordlist and without any clients.
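Added example (not from the original post): a small model of why the PIN search space is so small and how an AP-side lockout changes the worst-case exposure time. The checksum digit and the separate confirmation of the two PIN halves are properties of the WPS protocol that the text above does not spell out; the 3 seconds per guess and the lockout policy are assumed values chosen for illustration.

```python
# Added example: WPS PIN search-space and exposure-time model.
# Assumptions (not from the post): 3 s per guess, lockout of 60 s per 3 failures.

def wps_checksum(first7: int) -> int:
    """Check digit that WPS appends to the first seven PIN digits."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10

def is_valid_pin(pin: str) -> bool:
    """True if pin is 8 ASCII digits and the last digit matches the checksum."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        return False
    return wps_checksum(int(pin[:7])) == int(pin[7])

def search_space() -> dict:
    """Worst-case guess counts under three views of the same 8-digit PIN."""
    return {
        "naive_8_digits": 10 ** 8,            # every digit independent
        "with_checksum": 10 ** 7,             # 8th digit is derived from the first 7
        "split_halves": 10 ** 4 + 10 ** 3,    # halves confirmed separately: 4 + 3 free digits
    }

def worst_case_hours(guesses: int, secs_per_guess: float,
                     lock_after: int = 0, lock_secs: float = 0) -> float:
    """Hours to exhaust `guesses`; lock_after=0 models an AP with no lockout."""
    total = guesses * secs_per_guess
    if lock_after:
        total += (guesses // lock_after) * lock_secs
    return total / 3600

if __name__ == "__main__":
    space = search_space()
    for name, count in space.items():
        print(f"{name:>15}: {count:>11,} guesses")
    n = space["split_halves"]
    print(f"no lockout      : {worst_case_hours(n, 3):6.1f} h")
    print(f"60 s per 3 fails: {worst_case_hours(n, 3, 3, 60):6.1f} h")
    print("12345670 valid? ", is_valid_pin("12345670"))
```

Even a modest lockout multiplies the exposure time but does not close the hole; disabling WPS on the AP removes this search space entirely.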