This exploit defeats WPS via an intelligent brute force attack to the static WPS PIN. From this exploit, the WPA password can be recovered almost instantly in plain-text once the attack on the access point WPS is initiated, which normally takes 2-10 hours (depending on which program you use). braindump have created their respective 'reaver' and 'wpscrack' programs to exploit the WPS vulnerability. Both TNS, the discoverers of the exploit and Stefan at.
A flaw in WPS, or WiFi Protected Setup, known about for over a year by TNS, was finally exploited with proof of concept code.
