Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[ds2014]

Hello,

I had updated the firmware during my first setup from ver 2.00 to 2.04.
My dlink dir600l is vulnerable to wps attack with firmware ver 2.04. HW ver B1.

I did a pentest on the router today.

The Firmware page in the Web UI shows that I am running the latest version. (Tue 15 Oct 2013)

At the moment I have disabled WPS but is there a patch or newer firmware for it.

Thank you.

[FurryNutz]

Link>Welcome!

• What region are you located?
• Was a Factory Reset performed before and after any firmware updates then set up from scratch?

FW Update Process


Internet Service Provider and Modem Configurations

• What ISP Service do you have? Cable or DSL?
• What ISP Modem Mfr. and model # do you have?
• What ISP Modem service link speeds UP and Down do you have?

How are u determining that this is a vilnerability? Please be detailed?
What is this "pentest"?
What was the reason for updatin fw? Was there a problem with the router before the update?[/list]

[ds2014]

I am sorry for the delay in repling back.


What region are you located?
--- Mumbai - India.

Was a Factory Reset performed before and after any firmware updates then set up from scratch?
--- Yes


Internet Service Provider and Modem Configurations
What ISP Service do you have? Cable or DSL?
--- MTNL ADSL router (only wired)
--- Dlink DIR 600L connected to ADSL router ethernet port.

What ISP Modem Mfr. and model # do you have?
--- Serlite SAM 300 AX (provided by isp

What ISP Modem service link speeds UP and Down do you have?
--- MTNL 512 Kbps down.

--------------------------

How are u determining that this is a vilnerability? Please be detailed?

https://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup#Brute-force_attack

When the attacker attempts to brute force the PIN, the AP replies the validity of the first and second halves of the PIN separately. With this the attacker first brute forces the first half and after success of the first half continues to brute force the second half.

What is this "pentest"?

I mean Wireless Penetration Testing on my Dlink DIR 600L.

My Wireless Penetration Testing Video link : http://www.mediafire.com/watch/ykjo2624e839su9/wps.ogv
Download the video and watch, playing it in the browser may skip frames.

Started Reaver and terminated process after a few PIN tries.
Modified Reaver Session file to resume from a particular first half PIN to speed up the attack and continued.
....
Trying pin 33339993
.......
Trying pin 44449995
.......
Trying pin 55559995
.......
Trying pin 66669999
.......
After  Reaver tied the PIN 73759997 (30 seconds in video) it continued guessing the second half.
The progress jumped to 90.93%
.....
Sending........
Trying pin 73759997
Sending EPOL..............
......
....
...
Trying pin 7375

Sending EPOL START....
..........
...........
Trying pin 73755678
......
Trying pin 73750000
.........
Trying pin 73752226
.........
Trying pin 73753339
.......
Trying pin 73754442
.....
Trying pin 73755555
.....
Trying pin 73756668
.....
Trying pin 73757771
.....
Trying pin 73758881

--------------------------

What was the reason for updatin fw? Was there a problem with the router before the update?
---- Weak signal but the problem continued even after updating the firmware. Moving the AP to another location solved the problem.

I hope all that I have written above and shown in practical recording proves all what i have said is correct to the best of my knowledge.




Thanks.

[FurryNutz]

Does this test pass if you disable WPS on the router?

I recommend that you phone contact your regional D-Link support office and ask them if for information regarding this.
http://support.dlink.com/SecurityAdvisories.aspx#Tracking_Security_vulnerability

I don't see any listings for issues for the 600L here...