Attack Tool Released For WPS Setup Flaw 164
Trailrunner7 writes "Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup (WPS) standard that enables attackers to recover the router PIN, a security firm has published an open-source tool capable of exploiting the vulnerability. The tool, known as Reaver, has the ability to find the WPS PIN on a given router and then recover the WPA passphrase for the router, as well. Tactical Network Solutions has released the tool as an open-source project on Google Code, but also is selling a more advanced commercial version."
Re:What purpose? (Score:5, Interesting)
Maybe it's handy for verifying you are vulnerable?
Although I'd have to admit anyone actually using WPS probably isn't interested enough to even know such a tool exists...
Well, since the claim is most routers are vulnerable by default, I can see value in using this as a test tool - both against your router's current configuration and after you've supposedly disabled WPS.
And, speaking as an owner of an Apple router, I'd like to verify whether my belief that the Airport Extreme doesn't enable a PIN by default is correct.
Re:WTF is WPS? (Score:5, Interesting)