This is my newest post on https://izuz.wordpress.com/2011/02/22/ogero-dsl-blink-youve-been-hacked/ ...

This is a payback for all the sucky internet they are giving us..

Enjoy people!..

--------------------------------------------------------------------------------------------------
HEY OGERO !!! PAY BACK IS A B!TCH !!!

How many times you get to find Blink wifi networks around you?! Very frequently right?!



Your WiFi network at home or at work might be a Blink WiFi. ( If you do then this is the time to PANIC!)

Here’s why:

Blink (or any other ISP as a matter of fact) mass orders and mass configures their wireless routers. Hence the WEP/WPA keys are automatically generated per router; so does the SSID (Name of the wireless network).

Certain routers have always had this vulnerability BUT Lo and Behold , Blink routers are also vulnerable to this attack.

How you may ask?! Let me explain…

When you scan for WiFi networks and see a BlinkXXXXXX network, be sure that this SSID is automatically generated, as we mentioned earlier.. It is a concatenation of the ISP Name (Blink) + the XXXXXX (6 character HEX code), and this code is the key to our attack.

This code is generated from the Serial Number (SN) of the router… So does the WEP/WPA key of the router.

XXXXXX -> SN -> Hash -> KEY

So by reversing the Hash function (which is doable via rainbow tables), you will get to have the Serial Number and then Hash it to find the WiFi router key!

It is easy and it can be done! and there are already apps available out there for iOS and Android!

What makes the matter even more critical, is the fact that Ogero doesn’t give you the admin access to your WiFi router, so that you can change your default settings.

So it is really a combination of circumstances that made this Hack available:

Ignorance (People don’t change their SSID)
Dictatorship (Ogero doesn’t supply you with Admin access to your equipment)
Done panicking?! Great your next mission is to go and literally Nag-the-hell out of your Ogero Customer Support.

p.s: You don’t believe me!? Post you WiFi SSID name in the comments and i will tell you your key!

update 1: username “user” with password “user” works for a big chunk of the routers out there, this is a privileged user which means, can view system settings and PCs connected to the network, which brings us to a totally new level of security threats!
You don't need the Administrator username or password to be able to change the SSID and the WEP/WPA keys, just login as a User (Username: user / Password: user)...

Many people are changing the SSID and the WEP/WPA keys... So I think that there are no reasons to PANIC!
Panic is not appropriate I hacked my brothers blink in 2 minutes without tools the password is mostly 3 digits different than the router serial no joke . That is eactly why i do not want ogero as Isp!
Samer99 wroteYou don't need the Administrator username or password to be able to change the SSID and the WEP/WPA keys, just login as a User (Username: user / Password: user)...

Many people are changing the SSID and the WEP/WPA keys... So I think that there are no reasons to PANIC!
I'm trying to do that but I can't. The address is http://192.168.1.1:80, I get the login dialog box, I enter the username and password, but all I get is a blank white page. Why does that happen?
Kassem wrote
Samer99 wroteYou don't need the Administrator username or password to be able to change the SSID and the WEP/WPA keys, just login as a User (Username: user / Password: user)...

Many people are changing the SSID and the WEP/WPA keys... So I think that there are no reasons to PANIC!
I'm trying to do that but I can't. The address is http://192.168.1.1:80, I get the login dialog box, I enter the username and password, but all I get is a blank white page. Why does that happen?
yes me too!
forgotten wrotePanic is not appropriate I hacked my brothers blink in 2 minutes without tools the password is mostly 3 digits different than the router serial no joke . That is eactly why i do not want ogero as Isp!
Yes this is actually true. I figured out the pattern very easily a long time ago. Then when I had issues with bandwidth being consumed like crazy (I had to pay $50 + 114,000L.L for bandwidth I did not consume), I went to Ogero in Bourj El Murr and asked them to check the router and change the password. Unfortunately, I forgot what the pattern was because I stopped connecting using Wi-Fi once I bought a desktop.
Samer99 wroteYou don't need the Administrator username or password to be able to change the SSID and the WEP/WPA keys, just login as a User (Username: user / Password: user)...

Many people are changing the SSID and the WEP/WPA keys... So I think that there are no reasons to PANIC!
user/user cannot change system settings :)
forgotten wrotePanic is not appropriate I hacked my brothers blink in 2 minutes without tools the password is mostly 3 digits different than the router serial no joke . That is eactly why i do not want ogero as Isp!
the wep/wap key are hashed off the serial number, it cannot be guessed, needs to be calculated
Well if you have the Ogero Dlink router, the user/user allows you to change the pass. I don't know about the others, because when i had ogero i changed the Pass and you can change the encryption to WPA. But now i'm with IDM and i'm still using the same router so i flashed the router and installed a new firmware, working perfectly.
m0ei wroteWell if you have the Ogero Dlink router, the user/user allows you to change the pass. I don't know about the others, because when i had ogero i changed the Pass and you can change the encryption to WPA. But now i'm with IDM and i'm still using the same router so i flashed the router and installed a new firmware, working perfectly.
a big chunk of the routers are thomson ... dlink are the newer ones..
Kassem wrote
Samer99 wroteYou don't need the Administrator username or password to be able to change the SSID and the WEP/WPA keys, just login as a User (Username: user / Password: user)...

Many people are changing the SSID and the WEP/WPA keys... So I think that there are no reasons to PANIC!
I'm trying to do that but I can't. The address is http://192.168.1.1:80, I get the login dialog box, I enter the username and password, but all I get is a blank white page. Why does that happen?
If you have the THOMSON TG585 v7 (the modem-router that most Ogero clients have), then the default adress is http://192.168.1.254/ and you can login as a User (Username: user / Password: user), and you will be able to change the SSID and the password... I did that for 3 relatives...
ZuZ wrote
m0ei wroteWell if you have the Ogero Dlink router, the user/user allows you to change the pass. I don't know about the others, because when i had ogero i changed the Pass and you can change the encryption to WPA. But now i'm with IDM and i'm still using the same router so i flashed the router and installed a new firmware, working perfectly.
a big chunk of the routers are thomson ... dlink are the newer ones..
Not really, the first routers ogero used were Dlink, i was a customer with ogero from 2009 then after 6 months i think they replaced the routers to Thomson. I don't know if they are using new Dlink routers now as you're saying.
m0ei wrote
ZuZ wrote
m0ei wroteWell if you have the Ogero Dlink router, the user/user allows you to change the pass. I don't know about the others, because when i had ogero i changed the Pass and you can change the encryption to WPA. But now i'm with IDM and i'm still using the same router so i flashed the router and installed a new firmware, working perfectly.
a big chunk of the routers are thomson ... dlink are the newer ones..
Not really, the first routers ogero used were Dlink, i was a customer with ogero from 2009 then after 6 months i think they replaced the routers to Thomson. I don't know if they are using new Dlink routers now as you're saying.
we need an ogero representative to set things straight! and how they are willing to fix this
I have a D-Link router. And no you do not need to calculate anything to figure out the password, you can easily figure out the pattern. At least that's how it used to be back then.
you can contact ogero and they will give you the admin login and password
can you post a howto guide for this ?
what algorithm is used to hash the SN, and what tools we need to reverse it?
An advice for future Ogero subscribers: get the non-wireless (modem only) package and by your own router.
Less Expansive.
More secure: I got WPA TKIP set up, mac address filtering, firewall, parental protection.
One interesting thing you can do when you have full control over your router is reduce broadcast power by percentages. My network does not show up at my neighbors above, below and next door using normal laptop WNIC.
TKIP is not secure (it uses some ciphers as WEP, but just different way). Use AES.
um... if you only have a dsl modem also acting as router and wifi, you will get pwnd

IMO, like Bij said; best practice is [DSL modem] -> [wifi/ethernet router/firewall] -> everybody else
Yes use AES, WPA TKIP encrypted wireless password can be cracked using dictionaries or bruteforce.
Sorry but this is very old news, it is obvious, in fact this matter is related to Thomson company not Ogero, and you did not "hack" Ogero you will be stealing lousy bandwidth (128k or 256k) from your poor neighbors, mmm that's not ethical.
You steal,
Your Neighbors pay,
Ogero Wins.

PS: when I said "you" I didn't mean the author, I am speaking in general.