Poor WPS Implementation in Routers Makes Devices Vulnerable to Offline Attacks

September 1, 2014


Routers that have a weak implementation of the WiFi Protected Setup (WPS) security standard are vulnerable to a new type of offline attack that could offer access to the network in seconds.A brute-force attack would reach the same end in a few hours, but the new one, presented by reverse engineer Dominique Bongard from 0xcite, requires a single guess to uncover the correct PIN code for accessing the devices WPS functions.The method used by the researcher relies on exploiting weak random…