• August 22, 2019, 10:51:01 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: 1 [2]

Author Topic: How to disable WPS? WPS Security Issue. I'm vulnerable, and I can't turn it off.  (Read 6112 times)

Duke

  • Level 1 Member
  • *
  • Posts: 6

Yes i bought Ac1200 Dir-822 has four antennas is fast so i told him to buy it too since it was on offer. He bought it i set it for him and it can't be hacked.

The app Wps Wpa Tester shows wpa in red and can't be hacked, if it shows wps/wpa in green it can be hacked.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47703
  • D-Link Global Forum Moderator
    • Router Troubleshooting

What FW version is he using? You might as him what he did to get his safer. Did he load a 3rd party FW package on it?
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

GreenBay42

  • Administrator
  • Level 10 Member
  • *
  • Posts: 2143

What hardware revision do you both have?
Logged

Duke

  • Level 1 Member
  • *
  • Posts: 6

Both of them are same everything 100% same no difference at all, i set both of them up on my laptop. We use it for wifi purpose for mobile phones only.
Logged

Duke

  • Level 1 Member
  • *
  • Posts: 6

Alright guys the call was useless it was what i expected. I thought yesterday that maybe the dir 822 comes from the factory with wps disabled thats the only thing the tech guy confirmed.
He told me to download Anydesk which i did accepted his connection request he logged in and told me that this already has wps disabled from factory nothing can be done. But mine is not disabled told him he didn't believe said he can't trust any app from outside. I told him iam not telling you to trust the app i am just saying this has wps enabled but he wouldn't believe just kept on saying no its disabled see see blah blah. Anyho Dir 822 comes with wps disabled but then there is no option to enable/disable it later, now iam stuck with a useless router which anyone with no tech knowledge whatsoever can hack.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47703
  • D-Link Global Forum Moderator
    • Router Troubleshooting

How did you set his one up? Same thing configuration?

Can you try your router at his place to see if problem follows?

Yes i bought Ac1200 Dir-822 has four antennas is fast so i told him to buy it too since it was on offer. He bought it i set it for him and it can't be hacked.

The app Wps Wpa Tester shows wpa in red and can't be hacked, if it shows wps/wpa in green it can be hacked.
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

GreenBay42

  • Administrator
  • Level 10 Member
  • *
  • Posts: 2143

I will ask again, what hardware revision are these?
Logged

gusbh

  • Level 1 Member
  • *
  • Posts: 7

The app Wps Wpa Tester shows wpa in red and can't be hacked, if it shows wps/wpa in green it can be hacked.

What is the hardware revision on yours routers? Lets call it the green and the red one.

I guess yours green is just like mine the Hardware Version: C1 / Firmware Version: 3.02

(and now beside my WPS vulnerability, my router now resets it self, apparently when I connect my S8 plus with it in 5Ghz. I might downgrade it back to 3.01)

I used to love this router, but now, I canīt even recommend it.  :-[

I can't use the support chat because the website doesn't work properly, and I'm resistant to call them, because I'm pretty sure they will have no idea what to say and will "bs" me as usually they do. If America headquarters can't answer this, I really don't think they will know it here.

It seems to me to be easily issued releasing a new firmware.

Thanks
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47703
  • D-Link Global Forum Moderator
    • Router Troubleshooting

Are both routers you have and set up Rev C1 using v3.02 or v3.01?

What is the Rev version and FW version of the router in Red that you said can not be hacked?

Please be patient while D-Link reviews this issue. The entire process takes time to review, reproduce and test in there labs then it takes time to develop any fixes for this then those fixes have to be tested to make sure it doesn't break anything else before it gets published for used by you and others. We ask that you provide as much information as possible and answer questions so that we can help D-Link gather all info so they can work with good information to help resolve this issue.

You do need to and should contact your regional D-Link office and talk to escalated support about this. You can also refer them to this forum thread as well and have them review this. They need to be aware of what your seeing.

So please be patient while D-Link reviews this.

The app Wps Wpa Tester shows wpa in red and can't be hacked, if it shows wps/wpa in green it can be hacked.

What is the hardware revision on yours routers? Lets call it the green and the red one.

I guess yours green is just like mine the Hardware Version: C1 / Firmware Version: 3.02

(and now beside my WPS vulnerability, my router now resets it self, apparently when I connect my S8 plus with it in 5Ghz. I might downgrade it back to 3.01)

I used to love this router, but now, I canīt even recommend it.  :-[

I can't use the support chat because the website doesn't work properly, and I'm resistant to call them, because I'm pretty sure they will have no idea what to say and will "bs" me as usually they do. If America headquarters can't answer this, I really don't think they will know it here.

It seems to me to be easily issued releasing a new firmware.

Thanks
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

GreenBay42

  • Administrator
  • Level 10 Member
  • *
  • Posts: 2143

This issue is in review with the security group.

You can downgrade the firmware using emergency recovery. Hold the reset button down and unplug the power. Plug it back in while still holding in the reset button. Release after about 10 seconds. log into the router and a firmware load page should appear.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 47703
  • D-Link Global Forum Moderator
    • Router Troubleshooting

You'll need to set a Static IP address on the PC as well.  ;)
Logged
Cable:200mb/10Mb>NetGear C7800>DIR-882>DGS-1100>HP 24pt Gb Switch. COVR-3902/2202/1203,DIR-2680,890L,882,880L,868L,DNR-202L,DNS-345x2,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

gusbh

  • Level 1 Member
  • *
  • Posts: 7

This issue is in review with the security group.

You can downgrade the firmware using emergency recovery. Hold the reset button down and unplug the power. Plug it back in while still holding in the reset button. Release after about 10 seconds. log into the router and a firmware load page should appear.

1-
Is there a link for this security group reviewing the issue?

2-
I also did a downgrade to 3.01. But used the same way to upgrade, and it worked fine. I did it to test the WPS again (falied), and specially because I could not use 5Ghz with my S8+ (g955fd) without having the router to restart it self couple times.

3-
As asked before, the support team here said....
Dear Mr. Gus

Good Morning,
To disable the WPS function of the router, simply push the button on the back of the device located next to the POWER button. After that, notice on the front if the third led from left to right is off, if it is, the WPS function is disabled.
Sorry, the default PIN password can not be changed. It will always be the password that is on the label attached to the equipment.
 
Any questions, please get in touch with us.
Regards,
E-mail Support
D-Link Brasil


4-
Any ETA for a new firmware?

5-
Just a guess. It seems that a simple change in the wps default password calculation math, or any really random number, would at least not be that easy to hack. The app seems to use some kind of calculation to "find" possible passwords, based on MAC address and so on....

Thanks!
Logged

gusbh

  • Level 1 Member
  • *
  • Posts: 7

Just to report the final answer from Brazil DLink support by e-mail.


Protocol: LTK1119403110946X
Subject: Message Offline (via LivePerson)

Dear Mr. Gus........,
Good Morning,

We are sorry for the inconvenience.
Please note that using version 3.01 or 3.02 you can not disable the WPS function and we do not have a firmware version available with this feature at this time.

Your comment is very welcome and will be sent to our quality sector so that the feasibility of improvement can be analyzed and verified.

Once again we regret the inconvenience.

Any questions, please get in touch with us.

Regards,
E-mail Support

D-Link Brasil
support@br.dlink.com
www.dlink.com.br
www.facebook.com/Dlinkbrasil


I hope to see some new firmware soon.  ;)

I would like to hear anything about dlink if possible, like.... Is at least the issue still under review by the tech team?
See yall.
Logged

GreenBay42

  • Administrator
  • Level 10 Member
  • *
  • Posts: 2143

This issue has been reported to the security team and hopefully a new firmware will be out soon. I do not have an ETA unfortunately but they are working on it.
Logged

GreenBay42

  • Administrator
  • Level 10 Member
  • *
  • Posts: 2143
Logged
Pages: 1 [2]