Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

Presented at BSidesLV 2015, Aug. 4, 2015, 5:30 p.m. (25 minutes).

This presentation discusses a strategy for reverse-engineering router firmware to analyze algorithms used to generate default WPA2 PSKs, and demonstrates how such passwords can be recovered within minutes. Further, we describe a procedure that can instantly gather a complete wireless authentication trace, which enables an off-line password recovery attack.

Presenters:

• Eduardo Novella - Student at Radboud Nijmegen - Security Analyst at Riscure
  Eduardo is a Security Analyst who specializes in embedded device security. He is known for messing around with wireless routers, and has published research on EMV-CAP and WirelessHART during his studies. He holds a BS in CS from Universitat Politécnica de Valencia (Spain), and a Masters in Computer Security from The Kerckhoffs Institute at Radboud University Nijmegen (The Netherlands).

Links:

• Con Page
• Infocon Video
• YouTube Video

Similar Presentations:

• BSidesLV 2014 / Pwning the Pawns with WiHawk