Well heres the thing i noticed down here in my location with WPS networks is when ever a customer upgrades or downgrades or moves or the equipment dies or the ISP claims the device is dead customers get a new modem what i noticed in my area is recently is alot of these xfinitywifi are popping up which tells me these customers have recently had their hardware upgraded so likely a WPS attack on them would not be worth it.
Heres the thing unless you can stay at that spot for days using a slow attack on more secure WPS networks then you're wasting your time.
Myself if im out i'll give a WPS attack a try let it run if it hasn't gotten the pin within 15 minutes or i know that the network is likely protected i won't even waste my time.
Heres another thing i learned i've learned that i now can tell if a network is vulnerable or not just by looking at the SSID name.
How you ask?
Well lets just say that comcast customers who have a SSID that starts with HOME-#### likely have a bundled Cable Modem and Router package i myself had this before i bought my own doc 3.0 cable modem online and using my own router i bought anyways before i upgraded my stuff when i had the service put in my SSID name was HOME-#### the #'s are either a letter or a number or both i tried attacking my own router and WPS would lock after 3 fail pin trys so unless you're gonna preform a slow attack and be willing to wait days then its a complete waste of time.
I wanna mention to it appears that some comcast techs who install a customers service set the customers WPA password to the customers phone number thats normally the default password unless the customer changes it most people never do.
Hi ZaraByte,
Can you elaborate on what you mean by slow attack (willing to wait days). The HOME-#### routers that actually allowed me to associate with them and responded to the PIN attempts would lock up every 3 attempts. mdk3 attacks did not result in resets. So just waiting for them to reset on their own was the only option. They would open up sometimes in a few minutes, sometimes in hours. After making all the way to 0.30% in about 4 days it seems like ALL the routers turned OFF WPS for good (they dont even show in the wash list). Seemed odd too because the other routers were not close to 0.30% as i only tried the others for a few days. Its like they communicated to each other. Its also not MAC based as i changed the MAC and even tried another device.
Anyway, i tried -d for over 5 minutes and -r for 10 minute delays every 2 attempts. Also put in re-try delays for an hour is the WPS locked itself. And it still locked itself. How much slower can it get? By my calucation it would take months not days to get anywhere.
Is Reaver totally dead?
in Security
Posted
Hi ZaraByte,
Can you elaborate on what you mean by slow attack (willing to wait days). The HOME-#### routers that actually allowed me to associate with them and responded to the PIN attempts would lock up every 3 attempts. mdk3 attacks did not result in resets. So just waiting for them to reset on their own was the only option. They would open up sometimes in a few minutes, sometimes in hours. After making all the way to 0.30% in about 4 days it seems like ALL the routers turned OFF WPS for good (they dont even show in the wash list). Seemed odd too because the other routers were not close to 0.30% as i only tried the others for a few days. Its like they communicated to each other. Its also not MAC based as i changed the MAC and even tried another device.
Anyway, i tried -d for over 5 minutes and -r for 10 minute delays every 2 attempts. Also put in re-try delays for an hour is the WPS locked itself. And it still locked itself. How much slower can it get? By my calucation it would take months not days to get anywhere.
Is this method futile?