Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

via YouTube

Overview

Scrutinize WPA2 password generating algorithms in wireless routers through this BSidesLV 2015 conference talk. Delve into the research conducted by Eduardo Novella, exploring vulnerabilities in various router brands including Comtrend, Sitecom, Thomson, Arcadyan, and ADB/Pirelli. Learn about techniques for obtaining firmware, dumping EEPROM, and exploiting backdoors. Discover how to obtain WPA keys and understand the implications of weak password generation algorithms. Examine specific case studies, including findings from Spain's largest ISP in 2010. Gain insights into wireless authentication, deauthentication processes, and potential OS command injection vulnerabilities. Conclude with a Q&A session to further explore the presented security issues in popular wireless routers.

Syllabus

Intro
Outline
Eduardo Novella
Carlo Meijer and Roel Verdult
Timeline
Wireless Authentication & Deauthentication
Obtaining the firmware
Dumping the EEPROM
Comtrend: Findings
Comtrend: Backdoors and super-admin
Comtrend: Command Injection in telnet service
Comtrend: How to obtain WPA keys?
Comtrend: Biggest ISP in Spain, 2010
Sitecom: Previous Findings
Sitecom: WLR-2X00
Sitecom: WPA generation
Thomsom in The Netherlands
Arcadyan. WPA key generation
ADB / Pirelli
Conclusion
Questions and answers
OS Command injection

Reviews

Start your review of Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.