BT Home Hub "spits out password to hackers"
By Barry Collins
Posted on 28 May 2008 at 10:32
An "ethical hacking outfit" claims to have found a new security hole in BT's Home Hub router.
The Hub has been the subject of a number of recent security flaws, which culminated in the company changing the default password on the routers from "admin" to the unique serial number of the device, in order to prevent hackers from gaining access to the device.
However, the GNUCitizen blog claims it's possible to make the Home Hub spit out that unique serial number to would-be attackers.
"It turns out that you can get the serial number of the Home Hub by simply sending a Multi Directory Access Protocol (MDAP) multicast request in the network where BT Home Hub is located," the blog claims.
"Yes, you must already be part of the LAN where the Home Hub is present, either via ethernet or via Wi-Fi. However, at GNUCitizen, we have demonstrated trivial ways to predict the WEP encryption key of the Home Hub if you know what you are doing."
GNUCitizen points the finger of blame squarely at BT. "Obviously, this is not a vulnerability within the MDAP protocol, but rather a design flaw introduced by BT with the new unique admin password feature," it claims.
"The assumption behind this insecure implementation is that the serial number can only be obtained by the legitimate owner of the router. As we have seen, this is not the case!"
BT Home Hub users can obviously avoid the problem by creating their own password and changing the Hub's default security from the widely-cracked WEP to the more secure WPA. BT provides instructions on how to do this here.
Last October, BT was forced to remove a Remote Assistance feature from the Hub, after GNUCitizen found that it could lead to hackers taking complete ownership of the device.
BT was unavailable for comment at the time of publication.
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office