Livebox, Box SFR: this huge flaw makes it possible to find the neighbor's WiFi key in a few seconds!

Who I am
Carlos Priora
@carlospriora
Author and references

Orange Liveboxes and SFR Boxes are affected by a major security flaw in the WPS system: it is possible, without being physically close to these boxes, to force automatic pairing and recover the WiFi key in plain text. The problem comes from the activation of WPS by default on these boxes, and the fact that a bug in the firmware allows them to accept an empty PIN. 

The live box and Box SFR are affected by a serious security flaw that allows you to crack your neighbor's WiFi key in just a few seconds. The WPS functionality is activated by default on these boxes but is configured without any PIN. However, a bug in the firmware makes it possible to send an empty PIN which then makes it possible to launch WiFi pairing via WPS.



Wi-Fi Protected Setup (WPS) makes it easy to add devices to your Wi-Fi network. This feature allows any computer to connect without having to enter the long router key. All you have to do is press a physical button on the box, or, if you are far from it and the functionality is correctly configured, connect with a much shorter PIN code.

Livebox, Box SFR: a huge flaw allows you to crack the WiFi key in seconds!

In theory, the absence of a PIN should prevent any use of this feature without physical access to the box. Except that… this is obviously not the case with Liveboxes and SFR Boxes. A security expert, Jeremy Martin, who discovered this flaw, explains that it is possible to send an empty PIN via the reaver tool of the free Kali Linux distribution.


We see in the video at the end of the article that this allows you to obtain the WiFi key in the clear in just a few minutes. The attacker can then connect to his neighbor's WiFi network without the knowledge of the latter. Jeremy Martin explains that he contacted Orange and SFR to inform them of the problem. Visibly impatient, he decided a few hours later to upload a video that explains in detail how anyone can do the same thing.


It is emphasized that, when a fault is discovered, it is necessary to leave at least a few weeks between the moment when the fault is reported and the revelation of the method – otherwise it is impossible for the technical teams to correct anything. that is ! As a result, millions of customers now expose themselves to hacking of their local network by hackers or smart guys. Thank you Jeremy Martin!

It will therefore be necessary to wait for these operators to push an update to see the famous empty PIN bug disappear. Until this can be the case, we strongly advise you to completely deactivate the WPS functionality on your internet box.

For those who reacted to my tweet this morning regarding SFR / Orange Wifi, here is the detail of the 0Day flaw https://t.co/6M8tanSaQx

Jérémy Martin (@caaptusss) August 10, 2017


The editorial advises you:

  1. PayPal: a virulent phishing campaign is underway, caution
In its latest report, Apple insists that the monopoly of the App Store makes it possible to offer increased security to its users. And the manufacturer takes the opportunity to compare itself to Android,…Just in time for Cybersecurity Awareness Month, Coinbase revealed that a “large-scale” phishing attack hit its users earlier this…Researchers British discovered a vulnerability in the Apple Pay service. Malicious individuals could thus ignore the lock screen of the smartphone in order to realize…A cybersecurity expert has uncovered a vulnerability in the AirTag. Here's how Apple's tracker could be used by malicious individuals wishing to steal personal data. We…
Audio Video Livebox, Box SFR: this huge flaw makes it possible to find the neighbor's WiFi key in a few seconds!
add a comment of Livebox, Box SFR: this huge flaw makes it possible to find the neighbor's WiFi key in a few seconds!
Comment sent successfully! We will review it in the next few hours.