Jump to content

Cafe Open Wifi Security Hole


kerpap
 Share

Recommended Posts

I have noticed in my region that a lot of open wifi routers have their port 23 open to its linux kernel.

I use overlook fing on my droid and can easily connect via telnet using admin/admin,.

I notice these exact routers are also connected to their credit card machines. is it really so bad these days that hacking can be so easy?

I have been to several bar/grill type places and have seen this type of setup..

recommended action....

FIX IT! this is on some linksys routers and some telco issued routers. my guess is it is left there for help desk related fixes.

I brought it to the attention of my favorite bar (im friends with and I was aware of the risk) and I was awarded a free dinner which I refused. I simply said I wont accept, just fix the security hole.

Link to comment
Share on other sites

Man. I have done terrible, terrible things for pitchers of margaritas.

If I would have just known setting security for a router would have gotten me that, I would need a lot less shots every time I go to the doctor's.

rofl was thinking the same damn thing...

telot

Link to comment
Share on other sites

God I love infosec.

Its very powerful isn't it. That's why it should always be used with care or it might backfire at you.

Link to comment
Share on other sites

Like Darren says, as long as your intentions aren't evil/malicious, you're alright. We all need to practice what we learn in the real world, but in a responsible manner.

Besides, anyone who posts on hak5 who says they haven't cracked a WEP network in the wild or got a meterpreter shell from the wild without first getting permission from the owner is lying : P

Link to comment
Share on other sites

Like Darren says, as long as your intentions aren't evil/malicious, you're alright. We all need to practice what we learn in the real world, but in a responsible manner.

Besides, anyone who posts on hak5 who says they haven't cracked a WEP network in the wild or got a meterpreter shell from the wild without first getting permission from the owner is lying : P

I've never gotten a Meterpreter shell in the wild. (I've never used meterpreter...)

:P

Link to comment
Share on other sites

Like Darren says, as long as your intentions aren't evil/malicious, you're alright. We all need to practice what we learn in the real world, but in a responsible manner.

Besides, anyone who posts on hak5 who says they haven't cracked a WEP network in the wild or got a meterpreter shell from the wild without first getting permission from the owner is lying : P

You are absolutely correct, and you will be surprised that there are people who actually use these skills for evil or malicious intent. And that's something I DO NOT encourage or condone.

Link to comment
Share on other sites

You are absolutely correct, and you will be surprised that there are people who actually use these skills for evil or malicious intent. And that's something I DO NOT encourage or condone.

If it weren't for the people who used what they know for malicious purposes most of us here wouldn't have jobs : P

Link to comment
Share on other sites

I fixed up the wireless network for my favorite mexican restaurant and they gave me free pitchers of golden margaritas :)

________________________

|.........................................|

|.........................................|

|....Will White Hat for Beer....|

|.........................................|

|.........................................|

-------------------------------------------

Link to comment
Share on other sites

Besides, anyone who posts on hak5 who says they haven't cracked a WEP network in the wild or got a meterpreter shell from the wild without first getting permission from the owner is lying : P

What is this Meter preter shell you speak of? What kinda of sea creatures do the shells come from? :huh:

Link to comment
Share on other sites

the major telco here issues these wifi routers to their customers. they are 2WIRE routers and guess what encryption they use...

Worthless

Encryption

Protocol

also the admin control panel is almost never secured and is wide open.

you can probably deduce what country I am in, and that the entire "island" is a war driver's paradice.

Link to comment
Share on other sites

What is this Meter preter shell you speak of? What kinda of sea creatures do the shells come from? :huh:

If you haven't heard of Metasploit then I would recommend reading up on that first, than you will be able to understand what Meterpreter shell means.

Link to comment
Share on other sites

Hah I believe he was using sarcasm infiltrator. At least I sure hope he was.

It did sound like sarcasm, but I just wanted to make sure. That's why I answered it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...