Quote: Originally posted by t6_x
The reason is that the unsupported routers use /dev/urandom to generate the random numbers.

Untwister only supports the basic PRNGs of certain libraries (Glibc's, Mersenne Twister, PHP's MT-variant, Ruby's). These are simple, easy-to-crack PRNGs.

But the unsupported routers use /dev/urandom, which is safer and makes finding the seed complicated.

As far as I can tell, only Atheros uses /dev/random. Also, Dominique Bongard clearly stated that these seeds could be found in seconds with a decent computer. Which algorithm the PRNG uses is stated anywhere as far as I have read.
Also, Dominique pointed out that the seed was very low entropy, only 32 bits! It's nothing impossible to crack in minutes with any home computer. The only reason we can't is because someone hasn't figured out how to write the code yet. Everything is literally written down for us in Bongard's presentation... literally. The only reason we're able to get the PIN now is because we assume ES-1 = ES-2 = 0, which is really not much of "hacking". The only problem we are facing now is that someone needs to know how to write code to find the state of the PRNG. Once that's found, we generate random numbers, hash the result with HMAC-SHA-256, and then simply compare the results to what the router gave us. Once we see they are the same, we know we have the correct seed, and from that we can find ES-1 and ES-2 (I'm using Broadcom as an example since it generates both nonces right after the M1 message). This is by far the simplest thing; I'm honestly very surprised Broadcom hasn't been cracked yet. It's really not that complicated. Let's not forget Dominique Bongard was able to pwn every router out there, even Atheros with their "hard to crack" /dev/random PRNG.
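The seed search described in the post above, as an added example that is not part of the original post and is not code from any tool or vendor. It shows why a secret nonce drawn from a small-seed PRNG is reproducible from values sent in the clear, while one drawn from the OS CSPRNG is not. Assumptions: the `ToyLCG` generator, the simplified `commit` construction, the key and data values, and the 16-bit seed space (reduced from the 32 bits mentioned in the post so it runs quickly) are all constructed for illustration.

```python
import hashlib, hmac, secrets

SEED_BITS = 16  # constructed: reduced from the post's 32 bits so the demo is fast

class ToyLCG:
    """Constructed LCG standing in for a weak PRNG; not any vendor's algorithm."""
    def __init__(self, seed):
        self.state = seed
    def nonce(self, n=16):
        out = bytearray()
        for _ in range(n):
            self.state = (self.state * 1103515245 + 12345) & 0x7FFFFFFF
            out.append((self.state >> 16) & 0xFF)
        return bytes(out)

def commit(key, secret_nonce, public_data):
    """Simplified HMAC-SHA-256 commitment that is meant to hide secret_nonce."""
    return hmac.new(key, secret_nonce + public_data, hashlib.sha256).digest()

def weak_nonces(seed):
    """Public nonce, then secret nonce, drawn back to back from one seeded PRNG."""
    rng = ToyLCG(seed)
    return rng.nonce(), rng.nonce()

def strong_nonces():
    """Same two values taken from the OS CSPRNG: there is no small seed to search."""
    return secrets.token_bytes(16), secrets.token_bytes(16)

def find_seed(public_nonce, commitment, key, public_data):
    """Return the seed that reproduces both observed values, or None."""
    for seed in range(1 << SEED_BITS):
        rng = ToyLCG(seed)
        if rng.nonce() != public_nonce:
            continue  # this seed does not explain the nonce sent in the clear
        if hmac.compare_digest(commit(key, rng.nonce(), public_data), commitment):
            return seed
    return None

if __name__ == "__main__":
    key, data = b"constructed-key", b"constructed-public-data"
    for label, (pub, sec) in (("weak", weak_nonces(0xBEEF)), ("strong", strong_nonces())):
        print(label, find_seed(pub, commit(key, sec, data), key, data))
```

The search cost doubles with every added seed bit, which is why the fix is a generator seeded with far more entropy than anyone can enumerate, not a more obscure algorithm.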