Posted: Thu Jan 05, 2012 21:31 Post subject: are dd-wrt routers vulnerable to REAVER?
Are routers with dd-wrt vulnerable to reaver? Supposedly it can pull the WPS pin off just about any router pretty quick. It looks like the article in arstechnica used a wrt54g2 with stock linksys firmware. and even if the WPS function was turned off it was still actually on.
Can wps be removed from dd-wrt entirely to close this hole?
Joined: 04 Jan 2007 Posts: 11436 Location: Wherever the wind blows- North America
Posted: Fri Jan 06, 2012 14:11 Post subject:
OK...I asked BrainSlayer to look at this and he is aware of the issue.
He indicated that there is no WPS support in our normal firmware builds (we already knew that)...but it IS in the builds he supplies to Buffalo directly for preinstalled dd-wrt units (Buffalo insisted it be implemented). He is aware of the issue and will be submitting a repair for the problem in the future....but only for preinstalled builds on the Buffalo units....you will likely need to get support from Buffalo directly once the patch is available....you won't find it here.
redhawk _________________ Donations have dwindled so testing is limited to C/CB and R/RB modes on just a few newer models. No old router testing performed any longer.
Looking for more test units (newer models only) for the project...got a brick?...PM me to make a hardware donation. (USA) A donation is not a debricking service....it is a way to "Give back" to the dd-wrt project.
I do NOT provide personal assistance through chat or phone....so please don't ask.
I have a buffalo AG300h router, and I can confirm that the router supports wps. I have tried to attack it with the reaver tool, however I get messages from reaver about lockout periods following my initial attempt.
I haven't had a chance to run an overnight attack on my buffalo router, but on the surface it appears that it will be a bit tougher to crack them some.
The bad news is that I can't find anyway to disable the wps on this router, which is pretty lame. It may be possible, but I haven't figured it out yet.
Hope this helps, and I'll report back if I do manage to break the wps on this router with the reaver tool.
Are there any news on the "disable WPS on Buffalo"-issue?
I am running a couple of Buffalo WHR-HP-G300N on Buffalo dd-wrt 19154 and I am really happy with the performance, range and stability - so therefore I would like to keep that Buffalo build. Unfortunately I would like to run a Hotspot and would really like to disable WPS instead of telling everyone "No, you need to click the other option" - but there seems to be no direct way to disable it (so that the AP does not advertise/offer it anymore).
Would be great to get some feedback on this - I am also happy with a script-workaround if there is a way.
I was thinking of buying a Buffalo in the future so this thread was of interest. Its good to know that one can always install the generic DD-WRT firmware without WPS. Any implications on router warranty though?
Incidentally, LolThisSiteIsntHTTPS, I noticed that too (as stated in your username ID that is), and it would appear that applies to the login dialogue as well. The login dialogue at least ought to be HTTPS, but then CA issued SSL certificates do carry a cost....
These days I use a password manager that generates a unique strong password for each site I use so I'm not so worried about an individual password being compromised. Unfortunately, many people tend to use the same password for multiple sites, which puts them at greater risk should any site they are registered on get compromised.
From what I gather, most of the Buffalo routers come with a modified and branded form of DD-WRT installed on them. But if it is "subjected to misuse, abuse, or non-Buffalo Technology / (Melco Inc.) authorized alteration, modifications or repair" the device won't be replaced if it gets faulty.
I have two routers operating, one which is under warranty, and the other which has an expired warranty. It happens to be the one with the warranty that is giving me the WPS problems... It's still running 2010 Buffalo/DD-WRT firmware (I have yet to find time to update it to 2012 firmware).
But when I tried to run a Reaver crack against it, I couldn't succeed (something about rate limiting). So I think it might not be a serious issue.
Joined: 06 Jun 2006 Posts: 6806 Location: Dresden, Germany
Posted: Sun May 26, 2013 23:40 Post subject:
we know the reaver attack and we immediatly modified the code to solve that issue at the time reaver was comming out. no dd-wrt based product is affected of it _________________ one cigarette costs 2 minutes of your life.
one bottle of beer costs 4 minutes of your life.
one working day costs 8 hours of your life.
Linux DD-WRT 4.14.8 #42 SMP PREEMPT Thu Dec 21 18:11:16 CET 2017 armv7l DD-WRT
root@DD-WRT:/sys# nvram get DD_BOARD