lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Jul 2010 16:52:48 -0700
From: coderman <coderman@...il.com>
To: "Thor (Hammer of God)" <thor@...merofgod.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Interesting link regarding FIOS WEP keys

On Sat, Jul 17, 2010 at 9:32 AM, Thor (Hammer of God)
<thor@...merofgod.com> wrote:
> http://www.whatsmyip.org/fioswepcalc/

aww, this has been great since they first started shipping those
ActionTec pieces of crap .. ~_~;

note that it's not just FiOS but a predictable subset of all their
Verizon DSL, Verizon FiOS, Qwest DSL, Qwest FTTP, etc, etc, all using
the bottom dollar ActionTec with WiFi on by default, and WEP used by
default, with a predictable poorly seeded Key Derivation Function
based trivially on the MAC/BSSID/SSID of the router interface(s).

note that dproxy-nexgen used on same has its own set of issues and
vulns, particularly for you Tor users...

does someone have a droid app for this yet? (toggle "mooch-fios" widget??)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists