Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reaver is the Linux tool used to implement a Brute Force Attack against Wi-Fi Protected Setup registrar PINs in order to recover WPA/WPA2 passphrases.

Similar presentations


Presentation on theme: "Reaver is the Linux tool used to implement a Brute Force Attack against Wi-Fi Protected Setup registrar PINs in order to recover WPA/WPA2 passphrases."— Presentation transcript:

1 Reaver is the Linux tool used to implement a Brute Force Attack against Wi-Fi Protected Setup registrar PINs in order to recover WPA/WPA2 passphrases.

2 Since 2007 the Wi-Fi Alliance provided industry wide setup solutions for home and small business environments. Allows for typical users with little knowledge of wireless configurations and security settings to configure a new wireless network.

3 By default (out-of-the-box) WPS is always active on all devices. WPS is marketed as being secure, however newly discovered design and implementation flaws allow attackers to gain access. Allows users to enter an 8 digit PIN to connect to a secured network without having to enter a passphrase. When the user supplies the correct PIN the access point essentially gives the user the WPA/WPA2 PSK that is needed to connect to the network.

4 User pushes a button on both the Access Point and new wireless device (e.g. printer, PC, NIC)

5 Internal Registrar User enters WPS PIN of the Wi-Fi adapter into the web interface of the Access Point. External Registrar User enters WPS PIN of the Access Point into the client device (e.g. PC, laptop)

6 Is a WPA attack tool developed by Tactical Network Solutions that exploits a protocol flaw in the Wi-Fi Protected Setup (WPS). This vulnerability exposes a side-channel attack against Wi-Fi Protected Access (WPA) versions 1 and 2 allowing the extraction of the Pre-Shared Key (PSK) used to secure the network. Determine an Access Point's PIN and then extract the PSK and give it to the attacker.

7 An authentication attempt can take between 0.5 and 3 seconds to complete. Once the PIN of the Access Point has been discovered the Access Point then hands the requesting device the passphrase.

8 Cisco/Linksys Netgear D-Link Belkin Buffalo ZyXEL Technicolor

9 Disable WPS, however this may not be available on all devices.

10 Tactical network solutions. (2011). Retrieved from


Download ppt "Reaver is the Linux tool used to implement a Brute Force Attack against Wi-Fi Protected Setup registrar PINs in order to recover WPA/WPA2 passphrases."

Similar presentations


Ads by Google