Page 3 of 58 FirstFirst 123451353 ... LastLast
Results 21 to 30 of 580

Thread: WPS Pixie Dust Attack (Offline WPS Attack)

  1. #21
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    Quote Originally Posted by repzeroworld View Post
    the time taken decrypt the private keys (Private Random number) sent during the Diffie-Helman process depends on the prime modulus used (mod p in our case)...the biggger the prime modulus..the longer it will take, also take into consideration the magntitude of the generator in this case "g"....here is another good link which explains the "Alice and Bob" theory..the mathematics might be a little messed up for some...

    http://www.academia.edu/1958665/Eucl...urity_Protocol

    GRAPHICAL PATTERNS in Exponential functions that inlcude the modulus of private random prime numbers might be a breakthorugh in the future...
    But since we are the registrar in the WPS transaction, wouldn't we already know the shared secret and the generator and the enrollee's public number and the prime modulus?

  2. #22
    Senior Member
    Join Date
    Jun 2013
    Posts
    125
    Yes soxrok2212.I caught up focusing on the modulas equation you posted for the Diffie-Helman process...As a result I was commenting on the probability of decrypting Diffie-Helman process using a man in the middle attack......Sticking to this thread Now, i am thinking along codes to bruteforcet Pseudo random Generators in order to compute E-S1 and E-S2 ( I am of the opinion that this might include algorithmic codes that guess statiscal patterns in PRNGs-maths,maths,maths.)..However when this attack was proposed by Mr. Bongard,I was looking for books on PRNGS..I noticed amazon had a couple...I might see if there are torrent ebooks out there....all for now....
    Last edited by repzeroworld; 2015-03-03 at 10:44 PM.

  3. #23
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    Quote Originally Posted by repzeroworld View Post
    Sticking to this thread Now, i am thinking along codes to bruteforcet Pseudo random Generators in order to compute E-S1 and E-S2 ( I am of the opinion that this might include algorithmic codes that guess statiscal patterns in PRNGs-maths,maths,maths.)
    I have sent you an e-mail to one of your old addresses, I'm not sure if you still have access to them... If you could please respond there that would be great, thanks. I have a few questions to ask but don't want to blow up the forums.
    Last edited by soxrok2212; 2015-03-04 at 11:43 AM.

  4. #24
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    So for those of you having trouble understanding the video of the DH Key exchange I posted, here is how 3^15 mod 17 = 6. First, calculate 3^15, which is our "generator" times the private number of in our applied case, the enrollee... = 14,348,907. Now, we take 14,348,907 and divide it by our prime modulus (known by both the enrollee and registrar, (17) and get 844,053.3529. Now, we remove the remainder from that number, .3529, so we are left with only 844,053 and multiply it by our prime modulus... 844,053 * 17=14,348901. Now, take our initial value (3^15) which is 14,348,907 and subtract the value we just calculated, 14,348,901... 14,348,907 - 14,348,901 = 6!

    Therefore:
    3^15 mod 17 = 6

    Now that the enrollee has generated a public number from its private number, it sends that to the registrar. Now it is the registrars turn to come up with its own private number (13) and make a public number.

    3^13 mod 17 = 12

    3^13 = 1,594,323
    Now, divide by our prime modulus (17)... 1,594,323 / 17 = 93,783.70588. Remove the decimal and get 93,783. Now multiply that number by 17... 93,783 * 17 = 1,594,311. Now, take our initial value and subtract the value we just created to get the registrar's public number... 1,594,323 - 1,594,311 = 12! The registrar then sends this publicly to the enrollee.

    Enrolee public number: 6
    Enrolee private number: 15
    Registrar public number: 12
    Registrar private number: 13

    Now, the registrar and the enrollee both know each others public numbers, 6 and 12. So what they do now is they take their public number from the other, and raise it to the power of their own private number.

    So for the enrollee to calculate the shared secret, it would do 12^15 mod 17 = 10
    And for the registrar to calculate the shared secret, it would do 6^13 mod 17 = 10

    Now they both know the shared secret, which I THINK may also be the seed that the PRNG uses (as stated before) but I'm not sure yet, or maybe this shared secret in conjunction with something else is the seed.
    Last edited by soxrok2212; 2015-03-04 at 11:44 AM.

  5. #25
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    Updated with all the latest information!!!! Just need someone who knows C now...

  6. #26
    Senior Member
    Join Date
    Jun 2013
    Posts
    125
    Nice explanation of modulus arithematic aspect...sorry dude i don't know C..hope someone with C experience and pentesting can contribute to this thread,,,I noticed in the Pixie Dust attack documentation there is a lack of certainty whether the PNRG state can be bruteforced..if this can be done then we can compute E-S1 and E-S2 and then bruteforce the first half and second half of the pin offline.....I tihnk we need to get Mr. Bongard and lock him down until he successfully complete his thesis (haha...just kidding)..

  7. #27
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    It can be done, we just have to throw in seeds until we get a match. Very simple. The generator will make a long string of numbers/letters and only part of it in the PKE (Enrollee nonce), and then directly after it are the E-S1 and the E-S2

    If anyone knows C, please leave a comment. Looking to find someone to build a tool with.

    Or if there is anyone who knows python let me know please. I would like to get a project going.
    Last edited by g0tmi1k; 2015-03-09 at 09:49 PM. Reason: *merged*

  8. #28
    Senior Member
    Join Date
    Sep 2013
    Posts
    262
    WoW
    thank you guys for this excellent theme
    @ soxrok2212
    i am not a programmer and seeding is a problem with bash which is the only thing i know very few about. I gues it can be done from the sacrtach but i am not sure baout the efficiency of the code,
    I know to who ask for help, he should be interested in helping you.
    If not i can help you to start something in python and we can see how to get support on the way. C is above my mind
    I send a MP to this person right now and tell you as soon as possible.
    thanks for all your sharing and explanations in this theme . See you

  9. #29
    Senior Member
    Join Date
    Jul 2013
    Location
    United States
    Posts
    516
    Quote Originally Posted by kcdtv View Post
    WoW
    thank you guys for this excellent theme
    @ soxrok2212
    i am not a programmer and seeding is a problem with bash which is the only thing i know very few about. I gues it can be done from the sacrtach but i am not sure baout the efficiency of the code,
    I know to who ask for help, he should be interested in helping you.
    If not i can help you to start something in python and we can see how to get support on the way. C is above my mind
    I send a MP to this person right now and tell you as soon as possible.
    thanks for all your sharing and explanations in this theme . See you
    my email is my name @gmail.com if you wish to contact me.
    Last edited by soxrok2212; 2015-03-11 at 11:45 AM.

  10. #30
    Senior Member
    Join Date
    Sep 2013
    Posts
    262
    Yes, i guess it was me.... my first language is not spanish but i am definitely more fluent in spanish than in english,(i understand everything but my grammar and my syntaxes are horrible)
    I write you a mail (in spanish)
    I didn't receive an answer from my friend yet... But it is still a bit early for him
    we keep in touch- i write you a mail right now and like this you have mine
    cee you there

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •