Sunday, February 10, 2013

Open for Attack

So congratulations on your Fiber Optic Network Installation. You have reached the end of the High Speed Wireless Highway and are plunging into the unknown. Your Maximum Speed is actually 70Mbps if you use 802.11N or WiFi-N, and despite whatever claims it may have, you won't legally reach anywhere over that limit unless you are a hacker. (Ethernet / Communications Rules: Throughput speed = Max Speed x 0.7 [Error Corrections etc] divided by 2 [Full Duplex] at a distance of 3 meters.)

So technically you are still getting something better than SingTel's ADSL+ or the Cable Connection services of M1 or Starhub, but do you know that you are so susceptible to wireless hacking?

I am a real time hacker. I have to do penetration tests every now and then, and for your information, the culprit is the button on your router for Wireless Protected Setup or WPS, or in layman's terms, "Lazy Bugger who does not wish to enter the long password", as you only need to press that button and you are authenticated to the network.

WPS, however, is not secure. It has a simple 8 digit PIN in which the first 4 are encoded and the last 2 are check digits, something like your IC Number, where the first 2 are your year, followed by your citizen class (Born Singaporean, Foreign Born, PR, Convict, Undercover Police etc) and then the serial number and a check alphabet (A-J & Z).

That number DOES NOT CHANGE unless you disable it or mod the Router. Why is it so dangerous? Because Google has a codec called REAVER which is used with Wifi crackerjacks such as AirCrack-NG and such free software (built into Linux), and once that number is cracked... it does not matter how many times you change your password, since the WPS key is the same... something like your super master key.

Initial key stress testing usually takes 6 - 10 hours to crack ONE SINGLE Router in sequence, and usually a hacker will crack 3 - 6 routers in one go. Even if you do not broadcast your SSID, radio waves will still be transmitted and someone will listen.

So what can you do?? Get a secured Router with that WPS PIN DISABLED.
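To confirm that WPS really is off after changing the setting, you can check whether your own access points still advertise it in their beacons. The sketch below is an added example, not part of the original post: it parses text shaped like `iw dev wlan0 scan` output and reports only on BSSIDs you list as your own. The function name `audit_wps`, the sample BSSIDs and the status strings are assumptions made for illustration.

```python
import re

# Constructed sample shaped like `iw dev wlan0 scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:aa:00:01(on wlan0)
\tSSID: home-main
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:aa:00:02(on wlan0)
\tSSID: home-5g
\tRSN:\t * Version: 1
BSS 02:00:00:aa:00:03(on wlan0)
\tSSID: home-guest
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
"""

BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})", re.I)

def audit_wps(scan_text, my_bssids):
    """Report WPS status for the caller's own access points only."""
    mine = {b.lower() for b in my_bssids}
    seen = {}
    current = None  # record being filled, or None inside a BSS that is not ours
    for line in scan_text.splitlines():
        m = BSS_RE.match(line)
        if m:
            bssid = m.group(1).lower()
            current = seen.setdefault(bssid, {"wps": False, "locked": False}) \
                if bssid in mine else None
            continue
        if current is None:
            continue
        field = line.strip()
        if field.startswith("WPS:"):            # WPS element present in beacon
            current["wps"] = True
        elif field.startswith("* AP setup locked:"):
            current["locked"] = field.endswith("0x01")
    report = {}
    for bssid in sorted(mine):
        info = seen.get(bssid)
        if info is None:
            report[bssid] = "not seen in scan"
        elif not info["wps"]:
            report[bssid] = "ok: WPS not advertised"
        elif info["locked"]:
            report[bssid] = "warn: WPS advertised, PIN setup locked"
        else:
            report[bssid] = "fail: WPS advertised and unlocked"
    return report
```

Feed it the text from a scan run on your own machine and the BSSIDs printed on your own router; anything other than "ok" means the WPS setting needs another look.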

Unfortunately for many, SINGTEL's routers are nearly CRACKER JACK PROOF. The 5012 uses WEP and the password is usually 13 numbers or 13 ALPHANUMERIC KEYS with ALL CAPS LOCK, making it super hard to crack (36 to the power of 13 combinations, or 170 Billion Billion Combinations). Those white ones are also harder to crack, so don't waste your time...

That is hard coded and a PAIN IN THE BACKSIDE. It's made by some China Company... but it's useful.

Just a recap... the ones that are simple to crack include TPLINK, DLINK, ASUS, EnGenius and those cheapo ones...

Good luck

