magicJack and magicJack Plus Support, Reviews, FAQs and Hacks



NetTalk SIP via tftp



 
newtoncd
Dan isn't smart enough to hire me


Joined: 09 Jan 2009
Posts: 216

Posted: Sun Jun 26, 2011 10:27 am

genxweb wrote:
newtoncd wrote:
I still appreciate the folks that identified this vulnerability.


Newtoncd is correct: as long as the tftp is off, the vulnerability is gone. Though he is not correct about having to break into someone's house to get the info in the first place. Brute force will try every possible combination of an and mac. It is a computer term, not a physical break-in term.

I'd like to see how they plan to permanently fix this, as the DUO I believe may require the tftp for software updates, though I may be wrong as I don't have one. At some point they are gonna have to push new updates to the devices.


We were talking the same thing. What I tried to say was, "the hacker will have to hack into my home network to get access to my DUO". I didn't mean "physically breaking into my house", I meant via a hack into my home network. If that isn't the case, I guess I am not clear as to how they can brute force my DUO.

If they don't have to hack into my network to get at it, how they will get access to my device (the MAC and last four of the serial). I am guessing the hackers must have targeted my network with a packet sniffer to watch for the DUO to communicate with netTALK to get my SIP credentials? Or, are they targeting netTALK servers and watching packets in that direction?

Thanks.
genxweb
Dan isn't smart enough to hire me


Joined: 11 Mar 2010
Posts: 257

Posted: Sun Jun 26, 2011 10:53 am

Newtoncd, brute forcing means you remotely try every possibility of miners till you find ones that work. You never have to hack the user. The user will never know that you did it.


newtoncd wrote:
genxweb wrote:
newtoncd wrote:
I still appreciate the folks that identified this vulnerability.


Newtoncd is correct: as long as the tftp is off, the vulnerability is gone. Though he is not correct about having to break into someone's house to get the info in the first place. Brute force will try every possible combination of an and mac. It is a computer term, not a physical break-in term.

I'd like to see how they plan to permanently fix this, as the DUO I believe may require the tftp for software updates, though I may be wrong as I don't have one. At some point they are gonna have to push new updates to the devices.


We were talking the same thing. What I tried to say was, "the hacker will have to hack into my home network to get access to my DUO". I didn't mean "physically breaking into my house", I meant via a hack into my home network. If that isn't the case, I guess I am not clear as to how they can brute force my DUO.

If they don't have to hack into my network to get at it, I guess I am not clear how they will get access to my device (the MAC and last four of the serial). I am guessing the hackers must have targeted my network with a packet sniffer to watch for the DUO to communicate with netTALK to get my SIP credentials? Or, are they targeting netTALK servers and watching packets in that direction?

Thanks.
Pablo123
Dan isn't smart enough to hire me


Joined: 07 Jan 2011
Posts: 172

Posted: Sun Jun 26, 2011 10:57 am

They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info.
genxweb
Dan isn't smart enough to hire me


Joined: 11 Mar 2010
Posts: 257

Posted: Sun Jun 26, 2011 11:56 am

Pablo123 wrote:
They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info.


Dude, they need the last 4 numbers. So they can brute force starting with 1111, then 1112 and so on. Eventually the attacker will find the right combo. It is like trying every possible combination of a keypad on a door; eventually you will get it. The difference is computers are faster.
vj244
MagicJack Newbie


Joined: 09 Mar 2008
Posts: 6
Location: India

Posted: Sun Jun 26, 2011 11:57 am

Pablo123 wrote:
They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info.


I did not hack into any home network. You are correct newtoncd, that to get YOUR personal credentials, I would need your MAC address.

In my approach, I tried all possible combinations from 0000 through 9999.

I knew that NetTalk MAC's started with 00:25... A simple Google search would yield lots of possible candidates.

For example, in the Google search above, let's take jesustalk.info's MAC. If I paste his MAC into the tool I posted, it was a matter of at most 10,000 packets to get his SIP. Since the last 4 digits are random, we can find most SIP info in half that, or 5000 packets. So, it becomes a matter of how fast you can spit out the packets. Even on a slow network connection it takes less than a minute to retrieve one credential.

Now, expand your thinking. Don't try to get just one SIP credential, brute force many credentials at one time. For example, try all MAC's from: 00:25:F6:00:00:00 to 00:25:F6:00:FF:FF. This will yield about 65,000 username/password pairs, including our good friend jesustalk.

My testing was spread across about a dozen machines, and I tested for 3 or 4 weeks. So, how serious is this? I guess that depends if your MAC address was in the range of MAC's tested.

NetTalk should probably change everyone's SIP password, just to make sure this hole is actually patched.

In summary, I did not need your serial number, I just tried them all.

Valavan
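
A defender's view of the pattern described in this post, as an added example that is not part of the original thread or any netTALK code: a provisioning-server log check that flags one source requesting many 4-digit suffixes for one MAC, or many different MACs. The log format, the `<MAC>-<4 digits>.cfg` file naming and the thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed (constructed) log format, one read request per line:
#   <timestamp> RRQ <source_ip> <12-hex MAC>-<4 digits>.cfg <status>
LINE = re.compile(
    r"^\S+ RRQ (?P<src>\S+) (?P<mac>[0-9A-Fa-f]{12})-(?P<pin>\d{4})\.cfg (?P<status>\w+)$"
)

def find_enumeration(lines, max_pins_per_mac=3, max_macs=5):
    """Return {source_ip: [reasons]} for sources whose requests look like guessing."""
    pins = defaultdict(set)  # (src, mac) -> distinct 4-digit suffixes requested
    macs = defaultdict(set)  # src -> distinct MACs requested
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # ignore lines that are not read requests in the assumed format
        src, mac = m["src"], m["mac"].upper()
        pins[(src, mac)].add(m["pin"])
        macs[src].add(mac)
    alerts = defaultdict(list)
    # A real device asks for one file; many suffixes for one MAC is guessing.
    for (src, mac), tried in sorted(pins.items()):
        if len(tried) > max_pins_per_mac:
            alerts[src].append(f"{len(tried)} suffixes tried for {mac}")
    # One source asking for many different devices' files is a range sweep.
    for src, seen in sorted(macs.items()):
        if len(seen) > max_macs:
            alerts[src].append(f"{len(seen)} different MACs requested")
    return dict(alerts)

def sample_log():
    """Constructed sample: one normal device, one suffix guesser, one MAC sweeper."""
    log = ["2011-06-20T10:00:00Z RRQ 198.51.100.7 0025F6AAAAAA-4821.cfg ok"]
    log += [f"2011-06-20T10:01:00Z RRQ 203.0.113.5 0025F6BBBBBB-{n:04d}.cfg notfound"
            for n in range(40)]
    log += [f"2011-06-20T10:02:00Z RRQ 203.0.113.9 0025F600{n:04X}-0000.cfg notfound"
            for n in range(10)]
    return log

if __name__ == "__main__":
    for src, reasons in find_enumeration(sample_log()).items():
        print(src, "->", "; ".join(reasons))
```

The same counters can drive a per-source lockout on the server, which is what makes a 10,000-value suffix impractical to guess.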
Pablo123
Dan isn't smart enough to hire me


Joined: 07 Jan 2011
Posts: 172

Posted: Sun Jun 26, 2011 12:10 pm

VJ, your English is too Americanized, are you sure you're from India? Or are you just trying to cover it up? Are you a MJ employee?
genxweb
Dan isn't smart enough to hire me


Joined: 11 Mar 2010
Posts: 257

Posted: Sun Jun 26, 2011 12:56 pm

Can you post this over in the netTALK forum under the thread I started? This explains it well.

vj244 wrote:
Pablo123 wrote:
They still need to get the serial from the device. They can brute force all they want, but they need the serial number in order to get the SIP info.


I did not hack into any home network. You are correct newtoncd, that to get YOUR personal credentials, I would need your MAC address.

In my approach, I tried all possible combinations from 0000 through 9999.

I knew that NetTalk MAC's started with 00:25... A simple Google search would yield lots of possible candidates.

For example, in the Google search above, let's take jesustalk.info's MAC. If I paste his MAC into the tool I posted, it was a matter of at most 10,000 packets to get his SIP. Since the last 4 digits are random, we can find most SIP info in half that, or 5000 packets. So, it becomes a matter of how fast you can spit out the packets. Even on a slow network connection it takes less than a minute to retrieve one credential.

Now, expand your thinking. Don't try to get just one SIP credential, brute force many credentials at one time. For example, try all MAC's from: 00:25:F6:00:00:00 to 00:25:F6:00:FF:FF. This will yield about 65,000 username/password pairs, including our good friend jesustalk.

My testing was spread across about a dozen machines, and I tested for 3 or 4 weeks. So, how serious is this? I guess that depends if your MAC address was in the range of MAC's tested.

NetTalk should probably change everyone's SIP password, just to make sure this hole is actually patched.

In summary, I did not need your serial number, I just tried them all.

Valavan
jhonn
MagicJack Newbie


Joined: 21 Mar 2008
Posts: 3

Posted: Mon Oct 01, 2012 9:51 pm

Where is the application to download?
All times are GMT - 4 Hours