Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Explains How He Hacked Into Tel Aviv's Public Wi-Fi Network In Three Days (vice.com)

Posted by BeauHD on from the because-why-not dept.

An anonymous reader quotes a report from Motherboard: Israeli hacker Amihai Neiderman needed three days to hack into Tel Aviv's free public Wi-Fi. He only worked during the evenings, after he came home from his full-time job as a security researcher. The 26-year-old said the difficulty level was "a solid 5" on a scale from 1 to 10. The hack, performed in 2014 and recently explained in detail during the DefCamp conference in Bucharest, Romania, shows how vulnerable public networks can be and why we should encrypt our web traffic while accessing them. He hacked his city out of curiosity. One day, he was driving home from work and he noticed the "FREE_TLV" displayed on his smartphone. He had no idea what it was, but got intrigued. It turned out to be Tel Aviv's free municipal Wi-Fi network. The hacker connected to it and checked what his IP was, using http://whatismyip.com. This way, you usually find the address of the router that links you to the internet. To hack Tel Aviv, he needed to take control over this device. Neiderman got home and found out that the router had one port open. He tried it. This step allowed him to determine the manufacturer of the router. It turned out to be Peplink, a company he had never heard of. It made the mistake of having the administration interfaces online. At this point, he still didn't know what device he was connecting to. He compared different products displayed on the company's website and looked for additional clues in the messages sent to him by the unidentified device. He finally found out it was a high-end load balancing router. All he needed was a vulnerability to exploit. But breaking the firmware of the router seemed time consuming, as files were encrypted, so the hacker took a different approach. He found a less protected version of the firmware, used for a different device, and found a vulnerability there. To his luck, the same glitch was present in the version installed on the very devices that made up "FREE_TLV." He tested the hack at home, emulating the city's network, and it worked. A real-life test would had been illegal.

6 of 45 comments (clear)

  1. Aand what so special? by fubarrr · · Score: 2

    Did he do hacking on Saturday?

  2. Besides the obvious informmercial by ruir · · Score: 4, Insightful

    Where is an article not written for 5 years old how was the vulnerability found?

  3. Some rather important information missing... by TWX · · Score: 3, Insightful

    ...from the summary...

    It jumps straight from checking out the SSID that he found on his phone and seeing his IP address to somehow having a device in his hand that he could manipulate?

    --
    Do not look into laser with remaining eye.
  4. So he DIDN'T hack it, then by wonkey_monkey · · Score: 5, Insightful

    He tested the hack at home, emulating the city's network, and it worked. A real-life test would had been illegal.

    Oh, right. So he hacked the city's network the same way I robbed a bank with a gun, only it wasn't a bank, it was my friend with some monopoly money, and it wasn't a gun, it was a banana. But we both acted like it was real, so it totally would have worked.

    --
    systemd is Roko's Basilisk.
  5. yes, a resistor color code joke. you're welcome by Thud457 · · Score: 2

    awwww all I have is a gold red purple yellow, now I can't hack

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  6. worst story ever by Anonymous Coward · · Score: 2, Funny

    it's like the time I robbed a pirate ship, but then I woke up and it was all a dream.