www.i4info.org

i4info Provides the best hacking Material. Latest hacking tutorials and tools are available here. It is the best place for hackers.

Latest topics

» BitCoin Wallet stealor New
Wed Dec 07, 2016 7:46 pm by Admin

» Muhammad Shahroze Rashid | Marketing Consultant
Wed Dec 07, 2016 1:48 pm by Admin

» Muhammad Shahroze Rashid | Sharp Mind, Sharp Innovations
Wed Dec 07, 2016 1:47 pm by Admin

» How to design an effective job ad
Wed Dec 07, 2016 1:45 pm by Admin

» Teen Patti Gold Hack & 3 Patti Chips Code Extra Bonus 2016
Tue Dec 06, 2016 4:38 am by shoytan er lara

» Content Marketing | Promotional Video
Fri Dec 02, 2016 2:45 pm by Admin

» How to start an Online Business | Complete Guide
Fri Dec 02, 2016 2:30 pm by Admin

» Zeeshan Bhatti
Wed Nov 30, 2016 3:18 pm by Admin

» USAA letter for scam page
Tue Nov 29, 2016 4:20 am by Hardyjsh1966

December 2016

MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendar Calendar

Affiliates


free forum

Forumotion on Facebook Forumotion on Twitter Forumotion on YouTubeForumotion on Google+

Visitors Counter


Flag Counter

About Author

Muhammad Shahroze Rashid
i4info
Web Developer
Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Auditor, a keen Security researcher.
samanabad
lahore, Punjab
54000
Pakistan
[email protected]
03064904829
DOB: 05/25/1992
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid is a Web Developer and Designer, Android Developer, InfoGrapher, IT consultant and Researcher
Reviewed by Google
Google
Date published: 01/19/2016
9 / 10 stars
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Audito
samanabad
lahore
Punjab
54000
Pakistan

How to h*a*c*k* WiFi Password from Smart Doorbells

Share

Admin
Admin

Posts : 455
Reputation : 5
Join date : 2014-12-10
Age : 24
Location : Pakistan

How to h*a*c*k* WiFi Password from Smart Doorbells

Post by Admin on Thu Jan 14, 2016 4:35 pm





The buzz around The [You must be registered and logged in to see this link.] is growing, and it is growing at a great pace.

Every day the technology industry tries to connect another household object to the Internet. One such internet-connected household device is a Smart Doorbell.



Gone are the days when we have regular doorbells and need to open the door every time the doorbell rings to see who is around.






However, with these Internet-connected Smart Doorbells, you get an alert on your smartphone app every time a visitor presses your doorbell and, in fact, you can also view who's in front of your door.


Moreover, you can even communicate with them without ever opening the door. Isn’t this amazing? Pretty much.


But what if your doorbell Reveals your home's WiFi password?


Use Smart Doorbell to h*a*c*k* WiFi Password



Until now, we have seen how hackers and researchers discovered security holes in [You must be registered and logged in to see this link.],[You must be registered and logged in to see this link.], [You must be registered and logged in to see this link.] and Internet-connected [You must be registered and logged in to see this link.], raising questions about the security, privacy, and potential misuse of IoTs.


Now, security researchers at UK consultancy Pen Test Partners have [You must be registered and logged in to see this link.] a critical security hole in Wi-Fi-enabled video doorbell that could be used to expose the home network password of users.


The security hole is uncovered in [You must be registered and logged in to see this link.] – a modern IoT Smart doorbell that connects to the user's home WiFi network, allowing them to view who is in front of the door with the help of their mobile device, even if the user is not at home.


Additionally, the Smart doorbell also gives users option to hook up to some smart door locks, so users can let their guests or family members into their home even if they are not in the house.





Researchers were impressed by the functionality of Ring, though shocked when analysed the security of the device that allowed them to discover the home user's WiFi password.


Press Button, Access a URL and Get WiFi Password!



As researchers explain, with the help of screw gauge, anyone can detach the doorbell mounted on the outside of the house and press the orange button (given on its back), which puts the device's wireless component in AP (Access Point) mode.

"Pressing the setup button [puts] the doorbell’s wireless module (a Gainspan wireless unit) into a setup mode, in which it acts as a Wi-Fi access point," the company's consultant David Lodge explains in a [You must be registered and logged in to see this link.].
You can then use your mobile phone to connect to the server, via a specific URL ([You must be registered and logged in to see this link.]).


When accessed, the above URL will reveal the wireless module's configuration file in the web browser, including the home WiFi network's SSID and PSK (Pre-Shared Key, a.k.a. password) in clear text.







Now, you just need to do is put the Smart doorbell back on the house's wall and disappear.


Since home WiFi networks have always been trusted by their owners who connect their devices to them, having access to this network, hackers can launch other malicious attacks against the victim's workstations, and other smart devices.


Researchers reported the security hole to Ring that resolved the issue via a firmware update released just two weeks after they were notified.





    Current date/time is Fri Dec 09, 2016 12:32 pm