Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Thompson ST XXX WEP/WPA keys

  • 04-12-2007 4:33am
    #1
    Closed Accounts Posts: 1,567 ✭✭✭


    I may have found a potential security problem with the configuration of some wireless thompson routers..i was gonna research it more, but i can't get my hands on one of these routers to verify...

    Its very similar to the eircom/netopia problem where the default wep key was based on serial number.

    I can't say for sure it is a problem, because i don't have one of these routers to verify..some guys from spain sent me the install wizard program and i had a quick look, but no way for me to debug the code in realtime :(

    The list of routers that could be affected:
    • ST 510v6
    • ST 585v6
    • ST 780WL

    vivelafrance.jpg

    from what i could tell, without debugging..
    a user enters the serial number, (this is possibly UTF encoded..unsure)
    the last 5 bytes of the serial are xor'd against the string 'ViveLaFrance'
    the result of this xor is converted to ascii, then hashed with SHA-1
    the result is converted to its ascii representation, and hashed again with sha-1
    the result of this is the WEP/WPA key.

    what i've said could be completely wrong, but i couldn't test any input/output results.

    if anyone on the forum here has access to any of the routers mentioned in the list, or if you can give me one - even just a lend..i could investigate further and definitely say whether its a problem or not.


Comments

  • Closed Accounts Posts: 636 ✭✭✭conor2007


    umm yes

    its hard to find a company who has a halfway decent security


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    umm, thats a good point like.
    i mean, you would totally freak out if some hacker broke into your thompson.
    when i found this code, i was like..oh my god, this is terrible

    FYI, these are used throughout the UK,Spain and France by both home and business users.
    It would be silly to think that there aren't key generators out there for this.


  • Closed Accounts Posts: 636 ✭✭✭conor2007


    eircom has a wep code generator on the net
    ppl will probally make one for this

    best do wpa , at least


Advertisement