WPS Pixie Dust Attack (Offline WPS Attack)

**someone_else** · 2015-04-12

Vulnerable:

WPS Manufacturer: D-Link
WPS Model Number: DIR-615H1
CHiP: Ralink RT3352
E-Nonce: 60:d5:32:46:7f:2c:31:a8:e6:0b:db:5a:5e:06:ce:f8
PKE:ac:21:5b:eb:8d:70:ac:53:81:c7:4d:aa:fc:88:90:3 d:8f:c7:5d:e8:fa:b1:d3:0f:d6:81:bf:d7:a1:0d:23:62: d3:07:77:d6:76:7b:5c:cc:18:f2:13:f3:1f:d2:64:86:87 :67:74:cf:38:db:e4:32:86:92:65:05:9a:8d:a3:eb:79:2 7:60:e6:13:74:d2:3b:92:42:37:e3:bb:3d:29:db:ff:78: 49:27:18:10:ef:bd:a4:ce:57:40:aa:7e:2d:bf:21:51:9f :91:f0:df:e3:d2:89:b5:9f:c1:b6:1c:5c:1e:d9:e3:73:d 4:38:3b:75:2e:e1:c2:63:55:a3:4d:e9:fe:c3:1f:e4:4d: ac:69:fe:9c:d3:37:7a:df:36:89:a3:61:00:92:d2:94:2e :b2:fd:82:84:b8:08:d3:64:ea:28:cd:26:5e:d6:62:a0:8 e:e5:df:f6:5f:2c:0d:28:c8:b6:48:c7:91:d2:e5:b7:d6: bd:c1:f4:7a:e6:be:e1:37:0b:96
AuthKey: 93:94:ad:9a:fd:e1:e4:bc:6e:9b:77:ec:a8:52:de:cb:33 :3f:11:6d:d8:66:b2:d3:01:25:27:b9:9c:1f:91:ed
E-Hash1: 86:31:65:59:bc:4c:4f:6c:55:53:6c:bd:24:82:11:4c:35 :4b:16:ed:b4:f9:b5:d5:b7:6a:d0:7f:be:bd:68:b8
E-Hash2: 4b:f6:32:c3:55:2e:0b:e4:41:68:7b:03:10:74:2b:59:44 :6a:ee:27:d2:93:ca:d0:1a:cb:a1:da:2a:95:c6:9d

NOT VULNERABLE:

Modell: WNR1000v3 - Netgear
Chip:Broadcom BCM5356A1

E-Nonce: 5a:bc:44:d6:c7:96:9f:12:4e:e2:0a:c3:b6:b2:cd:53
PKE:e5:4d:f8:60:b2:0c:a4:1e:94:55:46:bf:b5:e6:ba:7 2:0b:52:b5:37:ef:d9:e3:cd:a9:cd:e6:16:c6:b6:d9:d4: 41:47:05:59:aa:3c:b9:e0:2d:89:4b:d1:bd:97:a1:23:a4 :b7:98:48:2b:6e:dd:a1:b2:0c:28:d1:2c:a5:1c:6a:c7:2 6:e2:4d:18:f0:28:2d:1b:35:85:a0:01:1d:2f:1c:09:f6: b0:03:ee:c6:86:ff:dd:8d:84:f1:22:1d:de:2a:ff:9e:b3 :70:95:09:75:85:4a:1a:8a:41:57:7b:8e:e2:60:79:4f:9 1:cc:a2:55:12:73:a5:6c:e3:c5:08:fc:81:9a:1f:18:48: 25:69:f6:d6:6e:d2:1b:c3:d2:7b:87:c1:ee:ab:e6:e3:48 :eb:ed:8c:4f:1a:d1:60:27:b7:88:ed:96:5c:47:5f:b5:a 4:d3:78:0b:20:f7:5b:1e:cf:c0:a0:03:e4:49:f1:57:df: f9:b9:42:85:a0:51:dd:bc:cf:bd
PKR:d8:8d:2f:fe:ca:6a:e6:db:c8:ac:7d:9c:5c:f8:36:6 b:7c:40:d2:56:91:0c:5d:d8:e4:f1:a8:2b:7f:c1:10:98: bf:a2:e3:df:02:a3:86:bb:be:10:a7:00:62:43:41:74:db :15:40:b5:18:42:de:92:e3:15:02:40:63:f2:fa:43:3d:e d:8c:78:e5:bf:40:37:1f:72:78:3a:73:c8:1f:93:9c:13: 18:a4:22:a6:8f:66:7d:c2:43:12:94:6f:92:a4:42:19:b2 :0d:21:b4:23:7b:75:75:f2:99:13:d4:09:76:fb:a7:23:9 3:1b:82:93:91:f6:cf:92:af:15:36:3c:a5:c4:5e:65:95: 10:52:54:dc:74:7b:b9:74:2d:fa:9e:6f:fb:c9:e6:87:a7 :ee:47:31:dc:ae:93:ba:6d:15:13:c9:51:7f:de:8f:f7:c 7:c3:09:86:3d:6b:cd:5e:3a:7d:a7:af:fb:39:82:10:12: 0c:1c:23:f7:16:6b:fe:6c:86:fc
AuthKey: 5a:bf:8b:43:be:0d:e2:12:0d:48:a5:a4:95:7a:e5:31:1d :6a:75:0e:49:7e:6e:fd:18:07:96:c3:7d:21:f8:1e
E-Hash1: 2a:1f:0d:4e:de:29:61:01:a0:86:45:be:34:71:ae:15:3c :58:21:e1:34:77:9b:f7:89:ed:48:07:b8:ee:9e:ac
E-Hash2: 44:31:63:0f:9c:5e:e7:5b:bb:a7:1b:c2:b7:14:35:93:16 :fe:e7:0e:0e:33:85:c3:08:9f:24:a6:8c:dd:68:c7

btw @soxrok2212: i forgot two digits in the hitron-no. correct is cve30360, not cve360]
@all:
is there any way, to calculate the auth-key from an existing .pcap with some bash/shell-code ? i like to extract the necessary info with tshark from capture-file (for PKR : tshark -r "$capfile" -Y "wps.message_type == M2" -T fields -e wps.public_key |head -1 ) and calculate the auth-key with some bash-script.
thanks & i forgot at my first post : great work !

Thread: WPS Pixie Dust Attack (Offline WPS Attack)

Thread Tools

Search Thread

Display

Threaded View

Similar Threads

WPS Pixie Dust Attack (Offline WPS Attack)

Reaver modfication for Pixie Dust Attack

Pixiewps: wps pixie dust attack tool

Posting Permissions