If your Wi-Fi router supports Wi-Fi Protected Setup (WPS) — and most newer home/small-business routers do — it might easily reveal its passwords to a readily available hacking tool.
You can use that tool to be 100 percent certain your router isn’t vulnerable to malicious WPS hacking. Here’s how.
Recap: Why WPS routers are typically not secure
Think your Wi-Fi router’s safe because you use a long and complex passphrase? Think again! In the Dec. 13 Top Story, I discussed a fundamental security flaw in most routers using WPS technology.
In short, all WPS-enabled routers have a built-in, easily hackable back door: a simple, vendor-assigned PIN (personal identification number) of just six to eight numerals. This PIN can easily be guessed by free hacker tools that run on ordinary laptops — or even smartphones.
A hacked WPS PIN opens the door to your entire Wi-Fi network. With the correct PIN, an attacker can recover a router’s passphrase, giving him full access to a Wi-Fi network. Here are the key points from last week’s story:
- All WPS-enabled routers are vulnerable to this kind of PIN hacking.
- The only way to prevent this type of hacking is to disable WPS.
- Some routers are supposed to time-limit or otherwise automatically disable WPS, but there’s no obvious way to know whether this is working.
- Some router configuration software is faulty; even if you disable WPS in the router’s setup menus, WPS will actually still remain active — and vulnerable.
- The only sure way to determine whether your router is vulnerable to WPS PIN hacking is to test-hack it yourself. The easiest way to do so is with a free, open-source, white-hat hacking tool called Reaver.
In this article, I’ll walk you through the use of Reaver and some associated tools so you can see whether your own network is vulnerable to WPS hacking.
Note: Reaver’s intended use is to sniff out router vulnerabilities so they can be corrected. However, black-hat hackers can also use it to steal PINS or for other malicious purposes. I shouldn’t have to say this, but for the record: