Cable Forum

General : Virgin Media urges password change over hacking risk (https://www.cableforum.uk/board/showthread.php?t=33705035)

Gobble 27-06-2017 12:31

Re: Virgin Media urges password change over hacking risk
 
Quote:

Originally Posted by pip08456 (Post 35905111)
Hashtopussy is a dangerous tool in the wrong hands.

Sounds like a bond villain.

JPAC 27-06-2017 12:41

Re: Virgin Media urges password change over hacking risk
 
FYI; jk means just kidding, it was a joke. So long as the password is changed from the VM default and at least 12 characters, not a word(s) in the dictionary, it should be fine.
===
Reputation; JPAC is just really nice;
Etymology: Middle English: nice "foolish, stupid," from early French nice (same meaning), from Latin nescius "ignorant,"
Seems about right. ;)

Kushan 27-06-2017 13:06

Re: Virgin Media urges password change over hacking risk
 
Even a cluster that size will struggle to brute force a decent long passphrase. 15 characters? Sure, probably in hours, but when you get to the likes of 30+ characters then it becomes an issue even at that scale.

That's only really achievable with a passphrase. To be clear, the most secure password is a completely random string of characters, with symbols, letters, numbers (and ideally even unprintable characters :P) however I would argue that this is not the best password. You have to be able to remember a password, or you'll end up writing it down*. That's what I mean when I say "Best" - something that is the correct trade-off between "memorable" and "secure". A pass-phrase with some substitutions is by far the best compromise there.

* Please note that I strongly advocate the use of a password manager for your day-to-day passwords.

pip08456 27-06-2017 13:43

Re: Virgin Media urges password change over hacking risk
 
Quote:

Originally Posted by Kushan (Post 35905146)
Even a cluster that size will struggle to brute force a decent long passphrase. 15 characters? Sure, probably in hours, but when you get to the likes of 30+ characters then it becomes an issue even at that scale.

That's only really achievable with a passphrase. To be clear, the most secure password is a completely random string of characters, with symbols, letters, numbers (and ideally even unprintable characters :P) however I would argue that this is not the best password. You have to be able to remember a password, or you'll end up writing it down*. That's what I mean when I say "Best" - something that is the correct trade-off between "memorable" and "secure". A pass-phrase with some substitutions is by far the best compromise there.

* Please note that I strongly advocate the use of a password manager for your day-to-day passwords.

That's the thing, you understand that but when people say a passphrase is the best it actually isn't unless you actually use substitutions. Without the subs it just becomes a simple dictionary attack and that will be quicker than brute forcing a random string even if your phrase uses the maximum amount of characters.

You also have to be careful what subs you use, e.g. subbing a 4 for the letter A etc. is useless; the mask and rule set used in the attack will soon find that. Symbols (AKA special characters) and the odd number thrown in is the way to go as far as a passphrase is concerned.

---------- Post added at 12:43 ---------- Previous post was at 12:39 ----------

Quote:

Originally Posted by tidder23 (Post 35904960)
they could do a man in the middle attack which means they can funnel all your traffic through them

one thing they could do redirecting online banking sites to trick you to give up your information

years ago I used to take over my brother's Facebook account and write stupid messages on his wall

and if you are thinking there is no master hacker living near you
the hacking tools i used was basically a numbered list (press 1 to hack and press 2 to evil laugh)

only thing stopping them is your Wi-Fi password

I don't think you realise what a "Man in the middle" actually is. It is a means to get your wifi password as well as getting everything passing through their connection which will record everything.

Man in the middle is a way of fooling you into thinking you are connecting to your network when you are in fact connecting to another one entirely. If done correctly you wouldn't even know.
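
An added example (not part of the original thread) of checking a candidate Wi-Fi passphrase against the points raised in the posts above: a minimum length of 12, being built only from dictionary words, and look-alike substitutions such as 4 for A. The word list, the substitution table and the function names are assumptions made for the illustration.

```python
import re

# Constructed mini word list (assumption); a real check would load a large dictionary.
WORDS = {"change", "me", "correct", "horse", "battery", "staple", "virgin", "media"}

# Look-alike substitutions of the "4 for A" kind, undone before the dictionary check.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})

def segment(text, words=WORDS):
    """Split text into consecutive dictionary words; return None if impossible."""
    best = [None] * (len(text) + 1)
    best[0] = []
    for end in range(1, len(text) + 1):
        for start in range(end):
            if best[start] is not None and text[start:end] in words:
                best[end] = best[start] + [text[start:end]]
                break
    return best[-1]

def audit(passphrase, min_len=12):
    """Return the weaknesses found; an empty list means none of these checks fired."""
    findings = []
    if len(passphrase) < min_len:
        findings.append("too_short")
    lowered = passphrase.lower()
    # Drop word separators so "correct horse" and "correct-horse" are treated alike.
    plain = re.sub(r"[\s_-]+", "", lowered)
    deleet = re.sub(r"[\s_-]+", "", lowered.translate(LEET))
    if plain and segment(plain) is not None:
        findings.append("dictionary_words")
    elif deleet and segment(deleet) is not None:
        findings.append("leet_dictionary_words")
    return findings

if __name__ == "__main__":
    # Constructed candidates, including the default settings password named in the thread.
    for candidate in ["changeme", "correct horse battery staple",
                      "c0rrecth0rseb4tt3ry", "q7#Lm2!xV9pRt4"]:
        print(f"{candidate!r}: {audit(candidate) or 'no finding'}")
```
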

Kushan 27-06-2017 13:44

Re: Virgin Media urges password change over hacking risk
 
I think we're basically saying the same thing, we're just debating the terminology more than anything at this rate.

pip08456 27-06-2017 13:45

Re: Virgin Media urges password change over hacking risk
 
Looks like it!:D

Qtx 27-06-2017 14:20

Re: Virgin Media urges password change over hacking risk
 
Brilliant news, as most will change the passwords to something easier to crack :P

There are some good pre-generated dictionaries made especially for cracking certain ISPs' WPA2 passwords due to knowing their makeup, meaning many can be cracked in 20 minutes or so.


This is probably known and part of the reason for the actual password request, with the news article just prompting it a bit sooner.


The actual recent hack of the Superhub via a modified settings backup was more interesting.

---------- Post added at 13:20 ---------- Previous post was at 13:11 ----------

Quote:

Originally Posted by pip08456 (Post 35905153)
I don't think you realise what a "Man in the middle" actually is. It is a means to get your wifi password as well as getting everything passing through their connection which will record everything.

Man in the middle is a way of fooling you into thinking you are connecting to your network when you are in fact connecting to another one entirely. If done correctly you wouldn't even know.

You can't be a man in the middle as such when it comes to getting the Wifi password. It is done by passively sniffing what is sent between the client and router because it is sent out for anyone to read, rather than someone being in the middle of the client and router.


Maybe injecting some packets pretending to be the client de-authenticating to force it to send the encrypted password more times so you have more data to use for cracking is used, but that's not MITM either.


Once you are in you can use a device on the network to MITM via arp poisoning locally or maybe setting a router's DNS to one under your own control, so you can force every website to go through your own rogue server by replying to every DNS request with the rogue server IP, which in turn does the listening before forwarding traffic.

pip08456 27-06-2017 14:46

Re: Virgin Media urges password change over hacking risk
 
Quote:

Originally Posted by Qtx (Post 35905170)

You can't be a man in the middle as such when it comes to getting the Wifi password. It is done by passively sniffing what is sent between the client and router because it is sent out for anyone to read, rather than someone being in the middle of the client and router.


Maybe injecting some packets pretending to be the client de-authenticating to force it to send the encrypted password more times so you have more data to use for cracking is used, but that's not MITM either.


Once you are in you can use a device on the network to MITM via arp poisoning locally or maybe setting a router's DNS to one under your own control, so you can force every website to go through your own rogue server by replying to every DNS request with the rogue server IP, which in turn does the listening before forwarding traffic.

Seriously???

I won't post the source for obvious reasons.

Quote:

Pwnstar9 for WPA Phishing and Open Hotspots for community testing.


Features

1. Complete control of most aspects of the Rogue AP process. Such as mac spoofing, channels, AP names of various components, 2nd wifi device options and all aspects of internet connection when access thru captive portal.

2. Passive and Active DOS processes all run from only one(1) wifi device supporting packet injection. Passive DDOS allows RogueAP Clones running parallel with Rogue AP and still supporting active DDOS when required.

3. 17 Web Page folders supporting dns spoof and captive portals for both Open Web Sites, WPA Phishing AND WPA Enterprise

4. MITMf and sslslip, sslslip+ and sslstrip are setup thru menu options as required by user.

5. WPA Downgrade added to active DDOS choices available.

6 HTTPS trap to avoid warning to phish

7. Options for use of two(2) wifi devices

You can download the zip which contains a lengthy help file.
and

Quote:

HandShaker uses the aircrack-ng set of tools to automatically detect, deauth, capture and crack WPA/2 EAPOL handshakes:
and

Quote:

-Assisted Handshake capturing
-Wpa/wpa2 decrypting
-DoS
-Wps own pin database, bruteforce&dict attacks, Pixie Dust (all with reaver and bully)
-Evil Twin attacks on 5 different modes (captive portal, sniffing with sslstrip, sslstrip2+BeEF using bettercap, etc).
-Auto-updating (can be disabled).
-etc
Finally
https://en.wikipedia.org/wiki/Evil_t...less_networks)

Qtx 27-06-2017 15:30

Re: Virgin Media urges password change over hacking risk
 
EvilTwin networks have their uses but are a different kind of attack, but generally you don't use them to get a WPA2 password to crack. These days you may use a rogue access point as a way of social engineering someone to enter their router password, via the captive portal and asking for router password via a web page, like Pwnstar can do. The tools mentioned like aircrack, reaver/pixie are the same you would use on a computer rather than an AP. When they are used, no matter where, they are still not MITM attacks. Once connected to the rogue AP, then the SSL strip and such are the MITM attacks.

Even with MAC spoofing and all the other tricks, there are limitations and advances mean not all devices are fooled by rogue APs now. Getting a client to send to a cloned MAC of a network it has connected before can be difficult. But my original post was getting the right terminology for each attack based on the thread being about WPA2 passwords. Throwing a web page on open network asking for the router password like pwnstar does is hit and miss and I would call social engineering rather than a MITM. Throwing packets on a wifi frequency to capture IVS or WPA handshakes to crack is different, and certainly not MITM.


#IlovemyPineapple

pip08456 27-06-2017 15:46

Re: Virgin Media urges password change over hacking risk
 
You are correct to a point. Reaver, bully and pixiedust are dead in the water as ISPs have to a great extent protected against those forms of attack. Pixiedust was phenomenal in the way it did it, that took only minutes to crack the password. A community Dev just to get the router manufacturers to fill the wide open hole in security.

I'm busy for the next couple of weeks but when I have time I'll tell my neighbour I'm going to test his security and see if he falls for an EvilTwin or MITM attack. He won't mind me doing it but I won't tell him what I'm doing until afterwards. I hope he doesn't have a panic attack!!!

Qtx 27-06-2017 16:02

Re: Virgin Media urges password change over hacking risk
 
Wifiphisher is more up to date than pwnstar but does a similar job. Might be worth you looking at.

Yeah loved the flaw that Pixiedust used to increase the crack speed. Pixie/Reaver can still work with the right timeouts between attempts but slow compared to forcing clients to reconnect and capturing the handshake to crack.

Thanks to power saving modes on computers and laptops, you rarely see them active on a wifi network unless the person is a heavy user. More likely to find smart TVs, android/apple phones and tablets, maybe apple tv and some gaming consoles. Still rare to find many IOT devices checking random networks, allegedly...

Netdiscover is a nice tool to monitor a network to show when devices come online/join the network. Uses ARP packets as its method.

People should really use these tools to check the security of their own networks, especially if you live in flats or a high density area.

Nethunter on a few select mobile phones is good too, although best hooked up to an alfa wifi adapter via OTG Y cable and power block. Same can be done with a Pi but Nethunter has a nice front end for the phone :)
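
An added example (not part of the original thread) of the kind of check on your own network that the posts above point to: comparing two snapshots of a host's neighbour table to spot newly joined devices and the signs of local ARP poisoning, such as the gateway's MAC changing or one MAC answering for several IPs. The snapshots are constructed in the format printed by `ip neigh` on Linux; the addresses, the gateway IP and the function names are assumptions.

```python
import re

# One `ip neigh` line: "<ip> dev <iface> lladdr <mac> <state>"
NEIGH = re.compile(r"^(\S+) dev \S+ lladdr ([0-9a-f:]{17}) \S+$")

# Constructed snapshots, taken some time apart on the same machine.
BEFORE = """
192.168.0.1 dev wlan0 lladdr 02:00:00:aa:00:01 REACHABLE
192.168.0.10 dev wlan0 lladdr 02:00:00:aa:00:10 STALE
"""
AFTER = """
192.168.0.1 dev wlan0 lladdr 02:00:00:aa:00:66 REACHABLE
192.168.0.10 dev wlan0 lladdr 02:00:00:aa:00:10 STALE
192.168.0.23 dev wlan0 lladdr 02:00:00:aa:00:66 REACHABLE
192.168.0.40 dev wlan0 FAILED
"""

def parse(text):
    """Map IP -> MAC, skipping entries without a resolved link-layer address."""
    table = {}
    for line in text.strip().splitlines():
        m = NEIGH.match(line.strip().lower())
        if m:
            table[m.group(1)] = m.group(2)
    return table

def compare(before, after, gateway):
    """Return (kind, ip, mac) alerts for changes between two snapshots."""
    alerts = []
    for ip, mac in sorted(after.items()):
        if ip not in before:
            alerts.append(("new_device", ip, mac))
        elif before[ip] != mac:
            kind = "gateway_mac_changed" if ip == gateway else "mac_changed"
            alerts.append((kind, ip, mac))
    # One MAC answering for several IPs is typical of ARP poisoning.
    owners = {}
    for ip, mac in after.items():
        owners.setdefault(mac, []).append(ip)
    for mac, ips in sorted(owners.items()):
        if len(ips) > 1:
            alerts.append(("mac_claims_multiple_ips", ",".join(sorted(ips)), mac))
    return alerts

if __name__ == "__main__":
    for alert in compare(parse(BEFORE), parse(AFTER), gateway="192.168.0.1"):
        print(alert)
```

A replaced router or a device with several addresses can raise the same alerts, so each one is a prompt to check which device owns the MAC.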

pip08456 27-06-2017 16:31

Re: Virgin Media urges password change over hacking risk
 
I know all about those tools you mention but I didn't want to put temptation in the way of users here. That's why I deliberately haven't posted source links.

We are on the same wavelength so you should understand where I'm coming from.

One thing to mention for the rest viewing this discussion.

SKY routers - Yes there is an algorithm that determines the default password.

VM - There is no algorithm known as yet (there has to be one) but there are large lists of default passwords available.

Bottom line, change the default password!

iadom 29-06-2017 19:07

Re: Virgin Media urges password change over hacking risk
 
Down at my daughter's going to try and change her router settings. Does the router have to be connected via ethernet cable to change settings? I have an SH2 but hers is an SH1. Using my iPad brings up a slightly different login screen to the one I get at home. The login page on her router asks for 'settings' password and WPS PIN. Entering the eight letter 'pass phrase' and the eight number WPS pin doesn't allow access?

BenMcr 29-06-2017 21:25

Re: Virgin Media urges password change over hacking risk
 
The settings password is not the wireless passphrase. If it's asking for the WPS PIN as well then it's still the default settings password - 'changeme'

iadom 29-06-2017 21:37

Re: Virgin Media urges password change over hacking risk
 
Thanks Ben, I did eventually work it out and have reset both passwords. :cool:


All times are GMT +1.