nailgunner MagicJack Sensei
Joined: 18 Mar 2010 Posts: 1548
|
Posted: Fri Jun 24, 2011 6:40 pm Post subject: |
|
|
Pablo123 wrote: | I mean who cares anyway? Why do you want to hear from Nettalk? Just let it be, not that big of a deal in my eyes. |
Well gee. Genxweb runs a company, while relatively small, that competes with NetTalk for VOIP users. NetTalk has accused him of sabotaging their company. So it is obvious that Genxweb would like to make it clear to anyone that has heard or will hear about this, that he has nothing to do with it. Makes sense to me. |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Fri Jun 24, 2011 6:44 pm Post subject: |
|
|
If everybody believes it wasn't him, then leave the subject alone? Why create more publicity than needed? Just my poor little 2 cents just move on and be the better person.
Have a great weekend everyone! |
|
|
|
oldtimercurt Dan isn't smart enough to hire me
Joined: 07 Feb 2009 Posts: 281 Location: Pensacola
|
Posted: Fri Jun 24, 2011 6:45 pm Post subject: |
|
|
Pablo, maybe it doesn't look like a big deal to you because you're not the one affected. Mike is, and from the sound of it he's concerned. That's good enough for me.
Good Luck, Mike.
OTC |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Fri Jun 24, 2011 6:49 pm Post subject: |
|
|
Why can't we be friends, why can't we be friends? Lol
All the best for everyone, let god be with you |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sat Jun 25, 2011 8:47 am Post subject: |
|
|
Pablo123 wrote: | I mean who cares anyway? Why do you want to hear from Nettalk? Just let it be, not that big of a deal in my eyes. |
That's why you are not a security person. By stealing others' SIP credentials you can now not only call as them but receive their calls, impersonate them and carry out other social engineering hacks and scams as that person through their number. |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Sat Jun 25, 2011 9:22 am Post subject: |
|
|
I'm sure the same person that hacked Nettalk can hack your company "voipmyway". Look, the government gets hacked every day, your information is never safe with anybody. You're right, I'm not a security expert and will never be, the technology changes too fast to be an expert. |
|
|
|
|
|
vj244 MagicJack Newbie
Joined: 09 Mar 2008 Posts: 6 Location: India
|
Posted: Sat Jun 25, 2011 10:20 am Post subject: |
|
|
genxweb wrote: | I like to thank the original poster for this. I am being blamed by the nettalk owner for your release of this information. I have not nor will I ever purchase / own their product.
I am all for full disclosure but this has caused me a headache and I did not even do it. Be careful who posts here. I will post the email from thomas and my response in a few days after talking to my legal team and awaiting an apology from nettalk. |
Mr. Genxweb,
I am sorry you were blamed for this. You are certainly not responsible. If NetTalk wishes to blame someone, they should blame themselves. Their system was not designed to be secure. A simple substitution cipher to hide credentials is just child's play.
To Mr. Pablo123's point, this was not a hack. With this method, I just walked right up to the front door, and tried all of the keys. Brute force will always work. Even a combination lock can be opened if you have the patience to try all possible combinations.
To the moderators, my apologies for posting the brute force option. If you'd like, I can remove the brute force option, and repost the source code.
Regards,
Valavan |
|
|
|
|
|
neo2121 Dan isn't smart enough to hire me
Joined: 09 Jan 2008 Posts: 282
|
Posted: Sat Jun 25, 2011 12:00 pm Post subject: |
|
|
That sucks you are catching the heat for this... I couldn't get it to work, maybe they have already closed it up this morning.
**UPDATE
Seems to me that they have shut off the tftp server already. |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sat Jun 25, 2011 12:38 pm Post subject: |
|
|
neo2121 wrote: | That sucks you are catching the heat for this... I couldn't get it to work, maybe they have already closed it up this morning.
**UPDATE
Seems to me that they have shut off the tftp server already. |
I posted this on their site as well. |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Sat Jun 25, 2011 2:01 pm Post subject: |
|
|
newtoncd
NT Starter
Joined: Thu Jul 30, 2009 10:35 am
Posts: 81
Re: Nettalk chooses not to protect Client's data / Privacy
"The issue this was an open issue since day 1 of the duo. This one researcher might have publicized it but who knows how many others knew about this before him and were making use of it. On top of this there has been no official word sent to duo customers about this or what they plan to do to protect the clients, or what they are going to do for those that may have been already compromised."
>>>>>>>
According to the article, "An attacker can download the configuration of any Nettalk user by knowing the MAC address of the device and the last 4 digits of the device serial number; Using a simple brute force method you can quickly pull the configurations of multiple users in matter of hours, if not minutes"
If I get this right, the hacker has to break into my home network, identify the MAC address of my DUO and also determine the last four digits of the serial number.
Once they have that, they can start using my SIP credentials to make their own calls. Is that the extent of the issue? Or is the article implying that the netTALK site was compromised and the hackers now have a list of all DUOs and their serial numbers? I didn't get that from the article. A netTALK subscriber can check the netTALK website and their respective call logs to see if their device has been compromised.
All of this is now OBE since the TFTP exploit has been closed.
Last edited by newtoncd on Sat Jun 25, 2011 12:17 pm, edited 1 time in total. |
|
|
|
newtoncd Dan isn't smart enough to hire me
Joined: 09 Jan 2009 Posts: 216
|
Posted: Sat Jun 25, 2011 5:46 pm Post subject: |
|
|
I still appreciate the folks that identified this vulnerability. |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sun Jun 26, 2011 10:14 am Post subject: |
|
|
newtoncd wrote: | I still appreciate the folks that identified this vulnerability. |
Newtoncd is correct, as long as the tftp is off the vulnerability is gone. Though he is not correct about having to break into someone's house to get the info in the first place. Brute force will try every possible combination of an and mac. It is a computer term, not a physical break-in term.
I like to see how they plan to permanently fix this as the duo I believe may require the tftp for software updates, though I may be wrong as I don't have one. At some point they are gonna have to push new updates to the devices. |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Sun Jun 26, 2011 10:23 am Post subject: |
|
|
They are still going to have to break in and get the last four digits of the serial number which is on the sticker on the bottom of the device. |
|
|
|
newtoncd Dan isn't smart enough to hire me
Joined: 09 Jan 2009 Posts: 216
|
Posted: Sun Jun 26, 2011 10:27 am Post subject: |
|
|
genxweb wrote: | newtoncd wrote: | I still appreciate the folks that identified this vulnerability. |
Newtoncd is correct, as long as the tftp is off the vulnerability is gone. Though he is not correct about having to break into someone's house to get the info in the first place. Brute force will try every possible combination of an and mac. It is a computer term, not a physical break-in term.
I like to see how they plan to permanently fix this as the duo I believe may require the tftp for software updates, though I may be wrong as I don't have one. At some point they are gonna have to push new updates to the devices. |
We were talking the same thing. What I tried to say was, "the hacker will have to hack into my home network to get access to my DUO". I didn't mean "physically breaking into my house", I meant via a hack into my home network. If that isn't the case, I guess I am not clear as to how they can brute force my DUO.
If they don't have to hack into my network to get at it, how they will get access to my device (the MAC and last four of the serial). I am guessing the hackers must have targeted my network with a packet sniffer to watch for the DUO to communicate with netTALK to get my SIP credentials? Or, are they targeting netTALK servers and watching packets in that direction?
Thanks. |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sun Jun 26, 2011 10:53 am Post subject: |
|
|
Newtoncd, brute forcing means you remotely try every possibility of miners till you find ones that work. You never have to hack the user. The user will never know that you did it.
newtoncd wrote: | genxweb wrote: | newtoncd wrote: | I still appreciate the folks that identified this vulnerability. |
Newtoncd is correct, as long as the tftp is off the vulnerability is gone. Though he is not correct about having to break into someone's house to get the info in the first place. Brute force will try every possible combination of an and mac. It is a computer term, not a physical break-in term.
I like to see how they plan to permanently fix this as the duo I believe may require the tftp for software updates, though I may be wrong as I don't have one. At some point they are gonna have to push new updates to the devices. |
We were talking the same thing. What I tried to say was, "the hacker will have to hack into my home network to get access to my DUO". I didn't mean "physically breaking into my house", I meant via a hack into my home network. If that isn't the case, I guess I am not clear as to how they can brute force my DUO.
If they don't have to hack into my network to get at it, I guess I am not clear how they will get access to my device (the MAC and last four of the serial). I am guessing the hackers must have targeted my network with a packet sniffer to watch for the DUO to communicate with netTALK to get my SIP credentials? Or, are they targeting netTALK servers and watching packets in that direction?
Thanks. |
|
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Sun Jun 26, 2011 10:57 am Post subject: |
|
|
They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info. |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sun Jun 26, 2011 11:56 am Post subject: |
|
|
Pablo123 wrote: | They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info. |
Dude, they need the last 4 numbers. So they can brute force starting with 1111 then 1112 and so on. Eventually the attacker will find the right combo. It is like trying every possible combination of a keypad on a door, eventually you will get it. The difference is computers are faster. |
|
|
|
vj244 MagicJack Newbie
Joined: 09 Mar 2008 Posts: 6 Location: India
|
Posted: Sun Jun 26, 2011 11:57 am Post subject: |
|
|
Pablo123 wrote: | They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info. |
I did not hack into any home network. You are correct newtoncd, that to get YOUR personal credentials, I would need your MAC address.
In my approach, I tried all possible combinations from 0000 through 9999.
I knew that NetTalk MAC's started with 00:25... A simple google search would yield lots of possible candidates.
For example, in the google search above, let's take jesustalk.info's MAC. If I paste in his MAC into the tool I posted, it was a matter of at most 10,000 packets to get his SIP. Since the last 4 digits are random, we can find most SIP info in half that, or 5000 packets. So, it becomes a matter of how fast you can spit out the packets. Even on a slow network connection it takes less than a minute to retrieve one credential.
Now, expand your thinking. Don't try to get just one SIP credential, brute force many credentials at one time. For example, try all MAC's from: 00:25:F6:00:00:00 to 00:25:F6:00:FF:FF. This will yield about 65,000 username/password pairs, including our good friend jesustalk.
My testing was spread across about a dozen machines, and I tested for 3 or 4 weeks. So, how serious is this? I guess that depends if your MAC address was in the range of MAC's tested.
NetTalk should probably change everyone's SIP password, just to make sure this hole is actually patched.
In summary, I did not need your serial number, I just tried them all.
Valavan |
|
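An added example, not part of any post in this thread and not NetTalk's software: one way a provisioning operator could spot the guessing described above in TFTP read-request logs, including guesses spread across several machines as vj244 mentions. The log line format, the `<mac>_<4 digits>.cfg` file naming, the thresholds and all sample values are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed (hypothetical) log format: "<ip> RRQ <mac>_<4 digits>.cfg <OK|NOTFOUND>"
LINE_RE = re.compile(
    r"(?P<ip>\d+\.\d+\.\d+\.\d+) RRQ (?P<mac>[0-9a-f]{12})_(?P<sfx>\d{4})\.cfg "
    r"(?P<res>OK|NOTFOUND)"
)

def build_sample_log():
    """Constructed sample: one normal device plus guessing from three sources."""
    lines = ["198.51.100.7 RRQ 0025f6000001_4821.cfg OK"] * 3
    for i in range(60):
        src = f"203.0.113.{10 + i % 3}"      # guesses spread over 3 hosts
        res = "OK" if i == 57 else "NOTFOUND"
        lines.append(f"{src} RRQ 0025f6000abc_{i:04d}.cfg {res}")
    return lines

def detect(lines, per_source_limit=15, per_mac_limit=10, miss_ratio=0.9):
    """Return (sources guessing many names, MACs with many suffixes tried)."""
    by_source = defaultdict(set)   # ip  -> distinct (mac, suffix) requested
    misses = defaultdict(int)      # ip  -> NOTFOUND responses
    by_mac = defaultdict(set)      # mac -> distinct suffixes tried by anyone
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        by_source[m["ip"]].add((m["mac"], m["sfx"]))
        by_mac[m["mac"]].add(m["sfx"])
        if m["res"] == "NOTFOUND":
            misses[m["ip"]] += 1
    # A real device asks for one file name; a guesser asks for many and mostly misses.
    noisy_sources = sorted(
        ip for ip, names in by_source.items()
        if len(names) >= per_source_limit and misses[ip] / len(names) >= miss_ratio
    )
    # Counting per MAC catches guessing that is split across many source hosts.
    guessed_macs = sorted(
        mac for mac, sfx in by_mac.items() if len(sfx) >= per_mac_limit
    )
    return noisy_sources, guessed_macs

if __name__ == "__main__":
    print(detect(build_sample_log()))
```

The per-MAC count is the one that matters when the requests come from many hosts: each source can stay under a per-source limit while the device's four-digit space is still being walked.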
|
|
Pablo123 Dan isn't smart enough to hire me
Joined: 07 Jan 2011 Posts: 172
|
Posted: Sun Jun 26, 2011 12:10 pm Post subject: |
|
|
VJ, your English is too Americanized, are you sure you're from India? Or are you just trying to cover it up? Are you a MJ employee? |
|
|
|
genxweb Dan isn't smart enough to hire me
Joined: 11 Mar 2010 Posts: 257
|
Posted: Sun Jun 26, 2011 12:56 pm Post subject: |
|
|
Can you post this over in the nettalk forum under the thread I started? This explains it well.
vj244 wrote: | Pablo123 wrote: | They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info. |
I did not hack into any home network. You are correct newtoncd, that to get YOUR personal credentials, I would need your MAC address.
In my approach, I tried all possible combinations from 0000 through 9999.
I knew that NetTalk MAC's started with 00:25... A simple google search would yield lots of possible candidates.
For example, in the google search above, let's take jesustalk.info's MAC. If I paste in his MAC into the tool I posted, it was a matter of at most 10,000 packets to get his SIP. Since the last 4 digits are random, we can find most SIP info in half that, or 5000 packets. So, it becomes a matter of how fast you can spit out the packets. Even on a slow network connection it takes less than a minute to retrieve one credential.
Now, expand your thinking. Don't try to get just one SIP credential, brute force many credentials at one time. For example, try all MAC's from: 00:25:F6:00:00:00 to 00:25:F6:00:FF:FF. This will yield about 65,000 username/password pairs, including our good friend jesustalk.
My testing was spread across about a dozen machines, and I tested for 3 or 4 weeks. So, how serious is this? I guess that depends if your MAC address was in the range of MAC's tested.
NetTalk should probably change everyone's SIP password, just to make sure this hole is actually patched.
In summary, I did not need your serial number, I just tried them all.
Valavan |
|
|
|
|
jhonn MagicJack Newbie
Joined: 21 Mar 2008 Posts: 3
|
Posted: Mon Oct 01, 2012 9:51 pm Post subject: |
|
|
Where is the application to download? |
|
|
|
|