#1  
Old February 21st, 2012, 11:56 AM
Shiftone Shiftone is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2012
Posts: 15
Shiftone is on a distinguished road
Default DGND3300v2 WPS issue

I'm interested to know if disabling the PIN prevents the WPS bruteforce from working on this device.

On my DGND3300v2 - even with the PIN disabled the bruteforce attack is able to exploit the WPS system to return the WPA2 PSK in plaintext in a very short time (less than 3 hours on my router)

Last edited by Mars Mug; February 22nd, 2012 at 09:40 AM.
Reply With Quote
  #2  
Old February 21st, 2012, 12:04 PM
Shiftone Shiftone is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2012
Posts: 15
Shiftone is on a distinguished road
Default WNDR3300 WPS issue

Quote:
Originally Posted by sabretooth View Post
By setting the disable WPS pin, the router can not be hacked by what you have been reading.

This is highly inaccurate.

Disabling the PIN prevents a device from connecting using the PIN.

However - the WPS protocol still operates in the background and will continue to respond to the attack.

The exploit not only returns the WPS PIN but also the WPA PSK in plaintext when successful. I was able to break my WPA key in less than 3 hours.

This vunerability is much more severe than people think.
Reply With Quote
  #3  
Old February 21st, 2012, 12:11 PM
Shiftone Shiftone is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2012
Posts: 15
Shiftone is on a distinguished road
Default Re: Firmware Update for WPS Hack

On my DGND3300v2 -even with the WPS PIN disabled the WPS protocol operates in the background and is still vunerable to attack.

The attack will return the PIN and WPA PSK password in plaintext - it took less than 3 hours on my router. This is with the pin disabled and checked to make sure it doesn't accept WPS PIN connections.

Netgear need to release firmwares that switch off the WPS Protocol entirely for these routers to be secure.
Reply With Quote
  #4  
Old February 21st, 2012, 12:44 PM
StratmanX StratmanX is offline
Junior Member
NETGEAR Newbie
 
Join Date: Sep 2011
Posts: 292
StratmanX is on a distinguished road
Default Re: Disabling WPS on WNDR3800?

Quote:
Originally Posted by Shiftone View Post
This is highly inaccurate.

Disabling the PIN prevents a device from connecting using the PIN.

However - the WPS protocol still operates in the background and will continue to respond to the attack.

The exploit not only returns the WPS PIN but also the WPA PSK in plaintext when successful. I was able to break my WPA key in less than 3 hours.

This vunerability is much more severe than people think.
That is interesting. Another poster was successful with the exploit and then disabled the PIN in the firmware (for a 3800 or 4500, don't recall which) and tried the exploit again and was unsuccessful.
Reply With Quote
  #5  
Old February 21st, 2012, 12:53 PM
StratmanX StratmanX is offline
Junior Member
NETGEAR Newbie
 
Join Date: Sep 2011
Posts: 292
StratmanX is on a distinguished road
Default Re: Firmware Update for WPS Hack

Quote:
Originally Posted by Shiftone View Post
On my DGND3300v2 -even with the WPS PIN disabled the WPS protocol operates in the background and is still vunerable to attack.
This is a WNDR4500 thread. It could be your DGND3300v2 is different than the 4500 (and 3800 where you also posted about this).

As I replied in the WNDR3800 thread to your post, a user with either a 3800 or 4500 disabled the PIN in the firmware and was unable to to successfully exploit the security.

Still, vigilance is critical. No further reports of the 3800 or 4500 being vulnerable to this exploit has been reported on the forum from people who have disabled the PIN. It could be your model that remains vulnerable.
Reply With Quote
  #6  
Old February 21st, 2012, 12:57 PM
StratmanX StratmanX is offline
Junior Member
NETGEAR Newbie
 
Join Date: Sep 2011
Posts: 292
StratmanX is on a distinguished road
Default Re: Disabling WPS on WNDR3800?

Shiftone:

I just read your post on the 4500 thread. You identified your router as the DGND3300v2. You did not identify your router in this thread so I assumed you were referring to a 3800.

As I posted on the 4500 thread, there have been no further posts to my knowledge of continued vulnerability of either the 3800 or 4500 to the exploit for those who have properly disable the PIN in the firmware of a properly functional router.

However, we all must remain vigilant to problems and security risks.
Reply With Quote
  #7  
Old February 21st, 2012, 01:09 PM
Shiftone Shiftone is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2012
Posts: 15
Shiftone is on a distinguished road
Default Re: Firmware Update for WPS Hack

thank you for clearing that up.
Reply With Quote
  #8  
Old February 21st, 2012, 04:45 PM
Simon0 Simon0 is offline
Senior Member
NETGEAR Expert
 
Join Date: Apr 2010
Posts: 891
Simon0 is on a distinguished road
Default Re: Disable WPS - Security Flaw Found

I don't think Netgear plans to release updated firmware, they'd want you to update the hardware but 3rd party firmware options are available..
Reply With Quote
  #9  
Old February 22nd, 2012, 02:33 AM
Shiftone Shiftone is offline
Junior Member
NETGEAR Newbie
 
Join Date: Feb 2012
Posts: 15
Shiftone is on a distinguished road
Default Re: Disable WPS - Security Flaw Found

not for the dgnd3300v2 there isn't; or not that I can find. DGTeam seem to have left the scene and the other options don't work for adsl modem routers.
Reply With Quote
  #10  
Old March 6th, 2012, 03:49 PM
Goob Goob is offline
Junior Member
NETGEAR Newbie
 
Join Date: Mar 2012
Posts: 23
Goob is on a distinguished road
Default Re: DGND3300v2 WPS issue

So....
If a person can get a routers WPA-PSK in plain text in 3 hours, isn't that equal to zero security?

I mean
1. Someone can set a 59 digit randomized WPA2 password thinking such a long randomized password is super secure.
2. Someone else sets a WPA2 password called: MyPassword2

If both can be brute force revealed in 3 hours, then the first long password is just as insecure as the silly short second password, right?

If this is true, I'm sorry, but Netgear needs staff working on the fix 24/7 until it is patched for all devices....
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 02:19 PM.