wiire-a / pixiewps

An offline Wi-Fi Protected Setup brute-force utility

CVE-2016-10743: Predictable WPS PIN in hostapd for versions prior to 2016 #103

Open kcdtv opened 4 years ago

kcdtv commented 4 years ago

Hi there! :smiley_cat: A vulnerability has been published today and it could be used to create a new pixiewps mode. It affects devices that use a hostapd version prior to 2016 where /dev/urandom isn't present.

It has been discovered that hostapd before version 2.6 wasn't seeding PRNGs at all. This vulnerability has been fixed silently around 2016, but never attributed a CVE number, leading to many distributions and IoT devices still shipping this version of the software. This vulnerability has been given id CVE-2016-10743. In some configurations, when WPS is enabled and a /dev/urandom device isn't available, this leads to WPS PINs being predictable, allowing remote network access from an attacker.

You will find the entire full disclosure here: Hostapd fails at seeding PRNGS, leading to insufficient entropy. The author of the security report points out this function:

```c
  /* Generate seven random digits for the PIN */
  if (random_get_bytes((unsigned char *) &val, sizeof(val)) < 0) {
    /* OS RNG unavailable (e.g. no /dev/urandom): fall back to the
     * never-seeded PRNG XORed with the current wall-clock time */
    struct os_time now;
    os_get_time(&now);
    val = os_random() ^ now.sec ^ now.usec;
  }
  /* Keep the seven leading digits; the checksum digit is appended later */
  val %= 10000000;
```

I don't know C, correct me if I am wrong, but it seems that it is somehow similar to the Realtek attack: the time value is used as a fallback system to generate entropy. In this case the value is used to generate "randomly" the first 7 digits. This function is extracted from wps_common.c. As pointed out by the author, this vulnerability would be more likely to be found on IoT devices than on access points.
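As an added illustration (not code from the issue, pixiewps or hostapd): a C model of the quoted fallback path together with the standard WPS checksum digit, a count of how many distinct PINs that path can emit during one second, and an assumed hardened variant that refuses to issue a PIN when the OS RNG is unavailable. `prng` stands in for os_random(), and wps_generate_pin_strict is an assumption for illustration, not hostapd's actual fix.

```c
#include <string.h>
/* Standard WPS PIN checksum: the 8th digit is derived from the seven leading
 * digits with weights 3,1,3,1,3,1,3 (most significant digit first). */
unsigned int wps_pin_checksum(unsigned int pin7)
{
    unsigned int accum = 0;
    while (pin7) {
        accum += 3 * (pin7 % 10);
        pin7 /= 10;
        accum += pin7 % 10;
        pin7 /= 10;
    }
    return (10 - accum % 10) % 10;
}

/* Model of the fallback path quoted above. `prng` stands in for os_random(),
 * which returns a fixed value when the PRNG was never seeded, so the PIN
 * becomes a pure function of the clock (sec, usec). */
unsigned int pin_from_time_fallback(unsigned int prng, unsigned int sec, unsigned int usec)
{
    unsigned int val = (prng ^ sec ^ usec) % 10000000;
    return val * 10 + wps_pin_checksum(val);
}

/* Risk measure: distinct PINs the fallback can emit within one wall-clock
 * second (usec 0..999999) for a fixed prng output, tracked in a 10^7-bit map. */
unsigned long fallback_pins_per_second(unsigned int prng, unsigned int sec)
{
    static unsigned char seen[10000000 / 8 + 1];
    unsigned long distinct = 0;
    memset(seen, 0, sizeof(seen));
    for (unsigned int usec = 0; usec < 1000000; usec++) {
        unsigned int v = pin_from_time_fallback(prng, sec, usec) / 10;
        if (!(seen[v / 8] & (1u << (v % 8)))) {
            seen[v / 8] |= (unsigned char)(1u << (v % 8));
            distinct++;
        }
    }
    return distinct;
}

/* Assumed hardened variant (an illustration, not hostapd's actual fix): when
 * the OS RNG call fails, refuse to issue a PIN rather than use the clock. */
int wps_generate_pin_strict(int rng_ok, unsigned int rng_val, unsigned int *out)
{
    if (!rng_ok) return -1;
    *out = (rng_val % 10000000) * 10 + wps_pin_checksum(rng_val % 10000000);
    return 0;
}
```

The count shows the fallback collapses the 10^7-value PIN space to at most 10^6 values per second of uptime, all determined by the clock rather than by any secret.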