Hands up who changes their wireless password from the default one when they get a new router or change ISP. I mean the actual wireless password to connect devices to the router, not the password for the web admin pages.
Yeah, not many of you.
I've recently become aware of something which has surprised me a little bit, namely the arguably weak default WPA2 passwords supplied as standard on Virgin Media Superhubs. The current models of Superhub are rebadged Netgear routers with different logos on both the side of the case and on the web-based administration pages. The passwords supplied by default on the sticker on the bottom of the routers are quite short, and don't use any special characters of any kind. They are ripe for brute forcing. I'll explain why later on.
But first, a bit of a primer.
It used to be the case that brute force attacks would take many, many years to run. Like, thousands. They were completely infeasible given the technology available. And so the dictionary attack was born. Knowing how humans tend to pick passwords, you can run your cracking software against a dictionary word list and cross your fingers. Bonus points if your software also tries variations of words, such as capitalising various letters, or adding numbers to the end of words.
And then some clever people realised that GPUs were brilliant for the job. Fast forward to today, and we have computers that can brute force at a blazingly fast rate. We have clusters with multiple GPUs that can brute force passwords up to a certain length in hours - even minutes for some hash types - testing millions of them per second. Unfortunately, WPA isn't that simple. WPA/WPA2 passwords are sent through thousands of iterations of hashing before the final key itself is generated (and that process of generating the key, by the way, is completely transparent - the user never sees it), meaning that any brute forcing will also run much slower. Even taking this into account, there are people out there now with machines that can test these WPA passwords at speeds of around 200,000 hashes a second (based on a few searches of various penetration testing forums).
So, why does this matter? Well, mostly because the total keyspace for a Virgin Media-provided router is pretty small. Not only is the 8 character wireless password only made up of lower case letters, they've even removed the "i" and "o" from the character set so people don't confuse them with numbers (although this is only hearsay, I have no evidence I can cite for it). Thus, we have 24^8 possible wireless passwords. While brute forcing passwords of 9, 10, and above characters is still a process that can take hundreds or thousands of years, 8 character passwords don't take as long as you'd think.
A quick calculation with a free online tool suggests that at 200,000 hashes per second you could brute force the entire keyspace of these Virgin Media routers in just over 6 and a half days. Which is a good place to talk about how badly somebody would want to break into a system. Generally, the more you want to break into a system, the more work and time you'll be willing to put in. This is entirely subjective, but I genuinely believe that with short passwords such as these, we've now reached a point in time where spending 3-4 days (remember, your password may be bang in the middle of the possible combinations, and may not require the full 6.5 days) cracking a single password is doable, especially if you really want access into a certain system.
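To make the arithmetic in the last two paragraphs concrete, here is an added Python example (my own code, not from the original post) that does two things: it derives a WPA2 Pairwise Master Key the way IEEE 802.11i specifies, with PBKDF2-HMAC-SHA1, 4096 iterations and the SSID as salt, which is the "thousands of iterations of hashing" that holds cracking rates down to the 200,000 per second quoted above; and it works out keyspace size and worst-case and expected cracking time at that rate for the password policies the post and its comments describe. The character-set sizes (24 lowercase letters without i and o, 26 lowercase, 62 mixed case plus digits) and the 200,000/s rate are the post's figures; the function and policy names are my own. The test vector used in the main block is the public one from the 802.11i standard (passphrase "password", SSID "IEEE").

```python
import hashlib

# Throughput the post quotes for a capable WPA-cracking rig (hashes per second).
CRACK_RATE_PER_SECOND = 200_000
SECONDS_PER_DAY = 86_400


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA2 Pairwise Master Key as IEEE 802.11i specifies:
    PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 256-bit output.
    A cracker has to run this for every candidate it tests, which is why the
    rate is 200,000/s rather than the millions/s the post mentions for plain hashes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, dklen=32)


def keyspace(charset_size: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` characters."""
    return charset_size ** length


def days_to_exhaust(charset_size: int, length: int,
                    rate: int = CRACK_RATE_PER_SECOND) -> float:
    """Worst case: every candidate is tried. On average the right one turns up
    about halfway through, so halve this for the expected time."""
    return keyspace(charset_size, length) / rate / SECONDS_PER_DAY


def human_duration(days: float) -> str:
    if days < 1:
        return f"{days * 24:.1f} hours"
    if days < 365:
        return f"{days:.1f} days"
    return f"{days / 365:.0f} years"


# Password policies as the post and its comments describe them (constructed
# model from the post's numbers, not data taken from the vendor).
POLICIES = {
    "Superhub 2 default: 8 lowercase, no i/o": (24, 8),
    "9 lowercase letters": (26, 9),
    "10 lowercase letters": (26, 10),
    "Superhub 3 default (per comments): 12 upper+lower+digits": (62, 12),
}


def policy_table(rate: int = CRACK_RATE_PER_SECOND) -> list:
    """Return (policy name, keyspace, worst-case days, expected days) rows."""
    rows = []
    for name, (charset, length) in POLICIES.items():
        worst = days_to_exhaust(charset, length, rate)
        rows.append((name, keyspace(charset, length), worst, worst / 2))
    return rows


if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE".
    print("PMK:", wpa2_pmk("password", "IEEE").hex())
    for name, space, worst, expected in policy_table():
        print(f"{name:58s} {space:>24,d}  worst {human_duration(worst):>12s}"
              f"  expected {human_duration(expected):>12s}")
```

The expected column (half the worst case) is what the post's 3-4 day estimate refers to; the 9- and 10-character rows show why adding even one or two lowercase letters moves the full search from days to months and years at the same rate.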
Virgin Media could do with taking a leaf out of other ISPs' books and setting stronger default passwords. Indeed, there are threads such as this one which detail the default character sets and length on lots of ISP-provided routers (to aid in breaking those passwords - sometimes having that information can help you target your attack). Virgin Media aren't the worst of the bunch, but given their prominence as one of the top ISPs in the UK, I feel it's worth mentioning given the possible amount of targets out there. All they'd need to do is start using 9 or 10 character wireless passwords. Maybe even mix in a capital letter or two.
In 2016, when we can feasibly brute force these lengths of passwords in a much more useful amount of time, ISPs need to be changing their strategy with regards to what they supply to customers. This is especially important given the low chances of your average broadband customer who isn't very IT-savvy actually changing their wireless password to something better, such as a long passphrase or a longer random password with lots of symbols and different cases.
For existing customers with Superhubs already, change those passwords!
Edit: I'm reliably informed by a reader that new Superhub 3s seem to have longer passwords with better character sets. Either they've realised they needed to do more, or it's a symptom of using a new model of router. Either way, that still leaves thousands of Superhub 2s out there with weak passwords.
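For anyone acting on the advice above, here is an added Python example (my own, not from the post) of generating a replacement wireless password or passphrase with the operating system's CSPRNG and measuring how many bits of entropy it carries, so the result can be compared against the roughly 37 bits of an 8-character, 24-letter default. The 8-to-63 printable ASCII limit is the WPA2 passphrase rule from IEEE 802.11i; the alphabet, the tiny word list and the function names are assumptions made for the demonstration.

```python
import math
import secrets
import string

# IEEE 802.11i: a WPA2 passphrase is 8 to 63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_"

# Constructed word list for demonstration only. Passphrase strength comes from
# the list size: 16 words give just 4 bits per word, a 7776-word Diceware-style
# list gives about 12.9 bits per word (see entropy_bits below).
WORDS = ["anchor", "basket", "cobalt", "donkey", "ember", "falcon", "garnet",
         "harbor", "jungle", "kettle", "lantern", "marble", "nectar", "pepper",
         "quartz", "rocket"]


def is_valid_wpa2_passphrase(pw: str) -> bool:
    """Length and printable-ASCII check a router applies to a WPA2 passphrase."""
    return MIN_LEN <= len(pw) <= MAX_LEN and all(32 <= ord(c) <= 126 for c in pw)


def entropy_bits(choices: int, count: int) -> float:
    """Bits of entropy for `count` independent uniform picks from `choices`."""
    return count * math.log2(choices)


def random_password(length: int = 20) -> str:
    """Random password from ALPHABET using the OS CSPRNG (secrets, never random)."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("WPA2 passphrases must be 8-63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_passphrase(words: int = 6, sep: str = "-", wordlist=WORDS) -> str:
    """Word-based passphrase: easier to type into a TV or printer than symbols."""
    phrase = sep.join(secrets.choice(wordlist) for _ in range(words))
    if not is_valid_wpa2_passphrase(phrase):
        raise ValueError("passphrase outside WPA2 length limits")
    return phrase


if __name__ == "__main__":
    print(random_password(), f"({entropy_bits(len(ALPHABET), 20):.1f} bits)")
    print(random_passphrase(), f"({entropy_bits(len(WORDS), 6):.1f} bits, toy list)")
    print(f"8 lowercase letters without i/o: {entropy_bits(24, 8):.1f} bits")
    print(f"6 words from a 7776-word list:   {entropy_bits(7776, 6):.1f} bits")
```

Run it and the toy word list comes out weaker than the default it is meant to replace, which is the point: a passphrase is only as strong as the size of the list it is drawn from times the number of words, so use a proper list of several thousand words and at least five or six of them.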
Good article. I agree they should be longer by default. There are however a few pieces of tech which make brute forcing far less likely. For instance, the timeout between connection attempts puts several seconds between connection attempts from an individual device. Other things like the connect button on the front only allowing new connections when it's pushed mean it's much harder, even with a short key, to brute force. Just some food for thought.
Well, this would be an offline attack, not an online attack. You capture the WPA handshake, then take your data to your fast machine and run the hashing there.
As for your second point, are there many routers that only accept a new device when the button is pushed? Are you not thinking of WPS, which usually runs in conjunction with and not instead of WPA?
The new Superhub 3s are confirmed by default to have 12 character passwords with upper and lower case characters and numbers. They also have a WPS button enabled, but WPS PIN entry is disabled by default.
That being said, the HP Envy series of printers managed to get itself online on my network in less than 2 mins with no interaction from me at all other than connecting power. I would love to know how it did that, particularly if it can be reverse engineered or used as part of a coordinated attack.
Me too. That's really weird. I'll do some digging!