Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices
"The Pixie Dust hack involves an attacker who is in range of the targeted Wi-Fi network capturing the initial WPS handshake, which contains data that can then be cracked offline to obtain the WPS PIN. The attack leverages the fact that on some devices random numbers are generated using predictable or low-entropy methods. The attacker only needs seconds to capture the WPS handshake and the PIN can then be obtained offline within minutes or even seconds."
"NetRise has conducted an analysis of 24 networking device models used today to see if they are still vulnerable to Pixie Dust attacks. The devices came from six vendors, but half of them were made by TP-Link. NetRise's analysis showed that of the 24 routers, access points, range extenders, and powerline/Wi-Fi hybrid systems only four have been patched against Pixie Dust attacks, but in many cases the fixes came after 9-10 years."
Pixie Dust is a WPS vulnerability from 2014 that lets an attacker within wireless range capture the initial WPS handshake and crack it offline to recover a router's WPS PIN, enabling network access without the Wi-Fi password. The attack exploits predictable or low-entropy random number generation on some devices; capturing the handshake takes only seconds, and recovering the PIN takes minutes or even seconds. An analysis of 24 current networking models across six vendors found only four patched devices, and many fixes arrived after nine to ten years. Seven unpatched products are end-of-life, and 13 remain supported.
Read at SecurityWeek