[conspire] 2WIRE SSID

Micah Lee twopointfour at riseup.net
Tue Mar 22 18:48:34 PDT 2011


I believe the default WEP keys for AT&T 2WIRE networks are often the
landline phone number of the house they're at. Quite secure.

There was a good talk at DEFCON a couple years ago about attacking these
routers: http://www.youtube.com/watch?v=yTtQGPdSIfM

My favorite part is at the very end. If you're already connected to one
of these networks (if it doesn't have a key or if you've cracked WEP),
there's a URL you can go to on the router's IP to reset the admin
password without authentication. This may or may not have been patched,
but there's no auto-updating the firmware of these routers so most of
them are likely vulnerable. I believe you can find slides for this talk
on DEFCON's website.

On 03/22/2011 10:24 AM, Rick Moen wrote:
> Quoting Ehud Kaldor (ehud.kaldor at gmail.com):
> 
>> this might be the forum to ask:
>> anyone seen WEP-protected SSIDs in the form of 2WIREXXX (XXX being numbers)
>> floating around? i can see 2WIRE112, 2WIRE795 and more around my house in
>> San Jose and others in other locations. just curious.
> 
> Yes.  A '2WIRE834' network is one of my neighbours.  2Wire is an AT&T
> model line, commonly provided by the telco for AT&T residential aDSL
> service, many (all?) being cheap-ass USB units based on Broadcom 4306
> chips.  Default keys are 10-digit WEP, with optional choice of WPA.
> 
> 
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire
> 




More information about the conspire mailing list