WLAN router horror stories
Abstract
It's about finding and exposing two weak password algorithms for the
standard-passwords for WPA/WPA2 in widely deployed
soho-home-dsl-wifi-voip-routers and what could be done with that
knowledge if you have malicious intents.
Planned content:
- History/Intro -> There have been cases like this before in other countries
- Finding targets -> Wardriving + Mapping (we know its "boring" so
this part will be kept short and focused on practical use)
- Router internals -> Firmware Unpacking/Reversing with IDA to read
some MIPS-Assembly (we will drink before we talk about this part, you
have been warned!)
more details about what we are focusing on
1. Telekom/Arcadyan Speedport 700V Router default password weakness
(http://www.heise.de/newsticker/meldung/WPA-Key-von-Speedport-Routern-zu-einfach-1062911.html)
2. Telekom Austria (Pirelli Broadband PRGAV4202N) Router default
password weakness
3. (more stuff)
Speaker
we are computerscience students from hell (ViBi = Austria, 5M7X = Germany)
|