Find a Question:
Standard Wi-Fi passwords Telenet modems can be derived from ssid
A hacker has found a method to determine the default wifi passwords for a given modem Belgian telco Telenet, which uses more than half of the customers. The generated passwords are dependent on the ssid.
Telenet angry customers logo The vulnerability was found by Telenet subscriber Vic Delorge that his findings revealed did a post on the forum User Base. When a user uses a ‘vulnerable’ modem and password and network name has not changed, he is vulnerable. “This problem affects many people because they do not change their default password and -netwerknaam” writes Delorge.
Not all routers Telenet customers are affected, but most: it is the latest router that is currently being delivered to new customers. Telenet will not say exactly how many customers over the affected modem feature, but it is at least “more than half” of all customers.
Delorge does in his posts on User Base not explained how exactly can the wifi key figure, but head protection Eric de Smedt Telenet confirms his findings. To exploit this vulnerability, a second modem Telenet is needed, besides the modem where an attacker wants to get to. The attacker must also have root access to the second modem. This can be any of the modem which he wants to sign: the attacker need only the ssid to know them.
Can then enter the SSID of the network to crack, after which he can after the password, retrieve in the words of Telenet, using “some complex technical operations.” An attacker on the second modem The attacker can then log on to the network of Telenet customer and instance access network drives. To this end, it must be within the range of the network are situated.
De Smedt notes that the vulnerability can not easily be misused and that an attack did not appear likely. It would not be possible on a large scale in order to crack passwords of networks, all suggesting potential Delorge in its posts, however, that it would be possible to process the script.
The attacker must be able to additionally get root access; Telenet subscriber Delorge had previously done, but there is no public manual. The router for this must be opened. “We’re going next month a patch that makes it no longer possible to gain root access rollout,” said De Smedt, who lodges that it is forbidden to crack a router. “The modems are indeed owned by Telenet.”
In addition, Telenet is the mechanism that generates better wifi passwords close carpentry so they can not be derived from the ssid. However, this only affects customers who get a new modem or restore the factory settings; existing Telenet customers will have to change their default password manually.
De Smedt Telenet stressed that customers who have changed the default network name or password, are not vulnerable. Telenet does not take any legal action against the discoverer of the leak, but is not happy that he has presented his findings at a public forum revealed to you.Viewing:-488
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!