Showing posts with label MAC address. Show all posts
Showing posts with label MAC address. Show all posts

Sunday, May 31, 2015

Hacking Cradle Point Routers

Hacking Cradle Point Routers

This post not related with Video  Surveillance security. Please do not do hack any routers. One of my Long distance friend ask me about the same, so i will put it on my blog.


Cradle-point wireless routers are used heavily for setting small networks. However, Cradle-point uses interesting MAC specific authentication credentials which are unique for every router because of the MAC address uniqueness. In general, Cradle-point opts this behavior in order to provide more entropy in the authentication scheme rather depending on default password mechanism, which most of the LAN/WLAN router uses.

Cradle-point uses last six characters of MAC address for authentication by default. Well, in general it seems interesting because it looks like things are more secure. However, this is not appropriate from security point of view. For administrative logins and user authentication for the first time, a login page is displayed that looks for internet access password. 

The question is; How to get the password for unmanaged routers? Well, it is in MAC address. However, the obscure part is, once you are inside a WLAN , you are already having an IP address. It means Address Resolution Protocol (ARP) is the key that maps the network layer address (IP) to the link layer(Ethernet/MAC). The login page looks like as follows.

The designers made a mistake in setting this type of layout because in order to get the administrative webpage, the client has to connect to the network if it is active. Right!. Yes it is. Once a user activates the wireless connection it gets connected to the same WLAN which has a gateway address of 192.168.0.1 (default for Cradle-point routers). It is hilarious but it is trivial to subvert the stuff to get the password. Now, the hacker is in the network, so we can get possible ARP entry which resolute the IP address to the MAC address (simply ping the gateway) for the router.
As per the documentation, the password has to be 071640. Let’s try
So
Configure your devices in a secure manner.

Tuesday, March 15, 2011

Change the MAC address in Windows 7

To spoof your MAC address in Windows 7 there are a few facts you need to know. If your network adapter has newer updated drivers, then you can only spoof your mac address to an address that begins with 12. For example 12197ECD414A. You should enter the MAC address without the dashes.

If you would like to spoof your mac address to an address that begins with 00 (for example 00197ECD414A) you must downgrade your network adapter's drivers to an early version.

Go to Start and then click Run. In the text box type CMD (enter). In the command prompt type ipconfig /all. This command gives you all the information for any network card in your system including the wired network adapter, bluetooth adapter, and the wireless adapter. So you’ll have to look under the specific heading you need because each adapter will have it’s own MAC address. The MAC address is called Phyical Address.  Now you know your MAC address.


Go to Start -> Control Panel -> Network and Internet -> Network and Sharing Center -> Change Adapter Settings -> Properties -> Configure -> Network Address -> Value (type your new MAC address). Enter the MAC address without the dashes.


To verify the change of MAC address. Go to Start and then click Run. In the text box type CMD (enter). In the command prompt type ipconfig /all.