We obtain a WPA key for Wi-Fi using vulnerable WPS technology. What are QSS and WPS? What is the QSS button for on a Wi-Fi router and how to use it
Wi-Fi protected setup (WPS)- This is a semi-automatic configuration function wireless network. Created to simplify the process of connecting clients to a router especially for people who have minimal knowledge in the IT field and have difficulty setting up equipment. The meaning of the function is as follows: if you have physical access to the router, you just need to press a button on it and you can connect to its network without entering the Wi-Fi network password.
Why disable WPS
Despite its convenience for a novice user, the WPS protocol poses a major security risk. In fact, this is a half-open door for an attacker to enter your Wi-Fi network and, as a result, into your computer with all your personal information and payment details. There are a lot of programs freely available on the Internet for hacking wireless networks using the WPS (Wi-Fi Protected Setup) vulnerability, which even a child can download and use. Therefore, by leaving this function enabled on your router, you encourage your neighbors, who are reached by your Wi-Fi signal, to try to access it. Just for fun, look for articles about Wi-Fi hacking on the Internet and you will see that to gain unauthorized access, hackers most often use either WPS or the outdated WEP security mode, which is also a serious vulnerability.
On most routers popular in Russia and Ukraine, WPS is activated by default. Users more knowledgeable in IT turn it off when setting up the router, and people with poor knowledge of computers and network security issues naturally leave the incomprehensible setting “as is.” You can pick up an Android smartphone and find out for yourself which of your neighbors keeps this mode turned on. Just go to the Wi-Fi section in the settings of your phone or tablet, look through the list of available networks and next to some of them you will see the same phrase “WPS available”.
Note! In old TP-Link equipment, instead of the abbreviation WPS (Wi-Fi Protected Setup) can be used QSS (Quick Security Setup). Therefore, if you don’t find the first name, look for the second.
Disabling WPS in the D-Link DIR-815AC router
To begin with, you will need. In the web interface, go to the page Wi-Fi → WPS.
There will be two subpages here - 2.4 GHz and 5 GHz. Uncheck WPS and press the button Apply on both pages: 
Access point TP-Link TL-WA701ND
Everything is very clear here - you just need to press a button Disable WPS so that the status changes to “Disabled”:
TP-Link Archer C9
Go to Additional settings → Wireless mode → WPS.
Disable your router PIN:
TP-Link Archer C7
And here is an example of a dual-band router with the old green interface. Here the function is disabled separately for 2.4 and 5 GHz modules. For example, let's go to the section Wireless mode 2.4 GHz → WPS, press Disable WPS, click on the link, press the button.
LinkSys WRT1900AC
- In the router settings, go to the section Wireless;
- Go to the tab Wi-Fi Protected Setup;
- Set the switch to position OFF;
- Click OK:
ASUS RT-AC66U
Go to page Additional settings → Wireless network → WPS.
Select OFF:
As you can see, on all routers the setting is in similar sections and is not difficult to find.
Nowadays, almost every apartment and house has a router - a device for a wireless WiFi network. This device is extremely easy to use, and thanks to it you can easily connect to a WiFi network at home. But settings often take quite a lot of time, particularly for inexperienced users. There are several buttons on the router (router), one of them is labeled with the abbreviation WPS, which is probably the most mysterious of all.
What is WPS
WPS, or Wi-Fi Protected Setup, is a standard that simplifies setting up a wireless network, so every modern router has this button . This feature helps other devices (cell phone, tablet, laptop, PC, etc.) safely and easily connect to the WiFi network created by your device. That is why this standard was originally called Wi-Fi Simple Config. VPS also encrypts your wireless network so that other users cannot access your network. It should be noted that on TP-Link routers this is called QSS.
Based on the above, you can understand what a VPS is and why it is needed. It's time to find out how to put this into practice.
How to use WPS
There are two ways to connect to the UPS standard:
- Software connection
- Hardware connection
How are these two methods different? P WPS software connection carried out using a PIN code, which consists of eight digits, and hardware connection- using a button on the router. Let's figure out how to enable the VPS function in both cases.
Software connection
This connection is used if the router does not have a corresponding button, but this function can work. Usually the required PIN code is indicated on the label or on the case of the device, but if you don’t find it there, you can look at the PIN code in the admin panel of the router. There you just need to go to the “WPS” section.
When you know the PIN code, you need to click on the WiFi icon in the system tray. There you find your network and try to connect to it. Next, a window will open where the wizard system settings will ask you for the PIN code that you previously looked at on the label or in the “WPS” section. After you have entered the code, click the “Next” button and wait. And in just a couple of seconds you will be able to safely work with your wireless network.
Hardware connection
With this method things are a little simpler. You need to click on the VPS button on the router itself and on the device that you want to connect to the wireless network. Then you need to wait a little while the devices are connected. But if the device you need does not have a WPS function, as on some smartphones, then you must first start connecting to the network, then press the WPS button.
But it should be noted that on many router models the Reset and WPS buttons are combined. As you know, Reset is resetting the router to factory settings. To avoid accidentally resetting, you must hold the button for no more than two seconds. Long pressing this button will reset to factory settings.
Turning on and off on routers
Sometimes you need to enable or disable the VPS function on your router. To do this, we need to go to the router settings.
Any browser will do this. You need to enter the router address in the address bar, then your login and password. The router address is usually written on the label. However, if you don't have a label, you can find the address in the network card settings or connection information.
After you have found out the address of your device and entered your login and password, the authorization window opens. All you need to do is enter your username and password. Sometimes the default login and password is admin. When you have entered all the necessary data, press enter and enter the settings of your router.
A wireless Internet connection has made it possible to get rid of the web of wires and cables and become truly free. But at the same time, a problem arose in setting up network security. A common person without special knowledge It is unlikely to be able to configure the Internet connection correctly (from a security point of view).
For this purpose, a special protocol WPS (Wi-Fi Ptotected Setup) was invented, which automatically produces Wi-Fi setup networks. With WPS, users can set up a secure wireless network without having to go through all the technical details and encryption settings. This technology is supported by most modern Wi-Fi routers, as well as everything OS, starting with Win Vista.
Setting up a Wi-Fi network is divided into two stages: setting up an access point and connecting devices to the wireless network. In this case, the configuration can be performed without even going to the web interface. When you connect to the router for the first time, you will be prompted to configure the device. Then you will need to go through several steps using a special wizard, specify all the necessary parameters, and after that you can get to work.
WPS connection methods
There are two ways to connect this technology – hardware and software. Hardware connection is made using the WPS button on the router or adapter. To do this, you need to press the button on the body, and then on Wi-Fi adapter, from which you need to connect. You need to press it once and hold it for a couple of seconds.
After a short period of time (a couple of minutes), the devices will connect to each other. At the same time the name Wi-Fi networks remains the same, and the password is generated randomly. On some router models, the WPS button may be located next to the Reset button. In this case, it is better not to hold it for more than 5 seconds, otherwise there is a risk of resetting all settings to factory settings.
If there is no button on the router case for connecting WPS, you can do this programmatically. To do this, you will need to enter a PIN code, which is usually glued to the bottom of the router. You can also find out this code in the device’s web interface in the WPS section. Next, you need to click on the wireless network icon in the tray, select your wireless device and click the “Connect” button. Then you need to enter the PIN code and click the “Next” button. After this, the computer will connect to the Wi-Fi device, and you can use the Internet.
Many modern routers support the WPS standard and have a corresponding button. Usually, wps button on the router it is located on the side panel. There are advantages and disadvantages to using this standard. Let's first figure out what this standard means and what it is intended for.
Principle of operation
The WPS standard was developed by Wi-Fi equipment manufacturers in order to automate the process of setting up a wireless network and thereby making setup easier for an inexperienced user. Using this technology, it has become possible to very quickly and easily configure the operation of a wireless network and basic security settings without manually configuring these settings. WPS technology will automatically set a name for your network and set up encryption that can protect against third-party access to the network and hacking.
The method of operation of this technology is that the necessary parameters must be transferred from the router to the controller using a special request. You can send such a request in different ways. You can use the router’s special button – WPS. This button is usually located on the side panel of the router, but if it is not there, then you need to look for this button in the router’s web interface. Or, for such a security request, you can use the eight-digit PIN code that is generated in the control panel.
The location of the WPS button may vary, on the front or side panel, and depends on the router model in question. In addition, there are options when the WPS button is combined with a reset button. In this case, it all depends on the time you press and hold it. Typically, the time to set up a connection is approximately 1-2 seconds, and if you need to reset the settings, you need to hold it for 5-8 seconds. The approximate location of the WPS button can be seen in the figure below.
Please note that if you have a TP-Link router, then instead of the WPS function name, QSS (Quick Secure Setup Help) is used. By default, this function is active; to disable it, you need to find the QSS menu in the router settings and disable the function by selecting Disable QSS.
The process of setting up a wireless network usually consists of two tasks; first you need to configure the access point (router), and then you can connect new devices to the created wireless network. The advantage of WPS technology is that it makes both of these tasks much easier.
Using WPS
When using WPS, the user does not need to understand and look for settings in the router’s web interface. The user can easily add the desired device (laptop, netbook) to a fully configured network. To do this, you only need to enter your PIN and all the necessary settings will be obtained. This method is very convenient, which is why all modern router models support this mode. Let's take a closer look at the options for using WPS implemented in routers:
WPS setup
Let's set up a wireless network using WPS technology. To do this, we need to configure an access point and connect other devices to the network. IN in this example We will use a computer with Windows 7 and a router that supports WPS (Tenda W309R). The entire WPS setup will be similar for other router models that have a support mode for this technology.
After the router is connected, you will see the name of your router in the list of available networks. IN in this case name – ZyXEL.
One available Zyxel network
When connecting to such a network, while the security parameters are not set, Windows system will prompt you to configure the router settings. You need to agree and click OK to continue with the setup. Additionally, you can connect to this network without using the preset if you click cancel.
Further setup of the connection will require you to enter a PIN code, the entry field for which you will see in the next window that opens. You can look at the PIN code on the sticker of the device you are using, and it consists of 8 digits. If necessary, this code can be changed in the router settings. After entering the PIN code, you need to click Next to continue the setup.
After entering the PIN code correctly, a new window will open to configure the parameters for the router. You will be asked to review and enter basic parameters for your wireless network, such as a name, select an encryption type, and create a network security key. You can accept the default settings. You should only pay attention to the name of your network, which should contain only Latin characters and be without spaces.
When automatic setting connection is completed, the setup wizard will display a window with the previously entered security key. This key should be written down or printed; it will be needed when connecting new devices to your network.
Now that the connection using WPS is configured, you can connect to your wireless network from another device. To do this, find in the list of available WIFI networks Your created Home_Network network and try to connect to it by clicking Connect.
A window will open in front of you in which you will be asked to enter a security key. Or you can press the button on the router and then in a couple of seconds you will also connect to the wireless network (the PBC method is used).
As a result, the WPS method allows you to configure wireless connection even without the need to use the router's web interface. You can also connect to a wireless network by pressing a button on the router.
Reassigning the WPS button
The firmware of some routers allows you to reassign the action of the WPS button. For example, the ASUSWRT firmware allows you to reassign the WPS button and use it to turn Wi-Fi on or off. Often the WPS button is simply not used, and the mode of turning off the radio module with this button without the need to use the settings in the web interface may be more necessary. To redefine the action of the button, you need to go to the Administration section and open the System tab, as in the figure below. You need to override the WPSbutton behavior item and select ToggleRadio.
Disadvantages of the WPS method
Wi-Fi routers that support WPS technology have network security vulnerabilities. Using this vulnerability, you can guess passwords for the WPA and WPA2 encryption protocols. This vulnerability lies in the fact that it is possible to find out the network key used by brute force. The PIN code itself contains eight digits and therefore 10^8 code selection options are possible. But in reality there are much fewer selection options. This occurs because the last digit of the code contains a checksum calculated from the first seven digits. This already reduces the options to 10^7. The WPS authentication protocol itself also contains vulnerabilities. As a result, it turns out that approximately 11,000 search options are needed to select the code. This is relatively not much.
Another disadvantage of WPS technology is that most Wi-Fi routers designed with a rigid PIN code. Because of this, if the code is compromised, changing the WPA password will not be able to protect the network. Anyone who knows the PIN will be able to connect to your wireless network again.