How to secure your home wireless network

November 15, 2020 Security

How do you protect your home wireless network when hackers have already learned to bypass even powerful protection like WPA2?
Since the hacker conference Black Hat 2010, wireless networks with WPA2 encryption and strong password can no longer be considered highly secure. Security expert Craig Heffner has shown how to hack a router and take control of the device without much difficulty. Many major manufacturers have come under attack, including Linksys, Belkin and Dell. The hacking technology is so simple that even a novice hacker can intercept traffic. All you need to do is have your own website and Heffner’s Rebind program. We will tell you what this vulnerability is and how to protect your network from attacks.
Heffner’s main goal is the router configuration page. Through it, he gains access to the WLAN key, redirects all network traffic and intercepts the data. The trick is that this page is only accessible via the internal LAN (Local Area Network). All requests from the outside are blocked by the router for security reasons. The Heffner attack circumvents this protection in a clever way that exploits a widespread programming error that occurs in many router manufacturers.

Insidious forgery

First, the hacker registers a domain and places a regular website at this address, for example, https://www.vsecurelabs.co/. As an IP address, he indicates to the provider the IP of his PC from which the attack will be carried out. As soon as the victim opens this resource, his computer is told the IP address of the attacking machine. Finally, the attacked PC tries to load the home page of the attacker’s website. Heffner’s Rebind utility, launched on the hacker’s computer, recognizes this request, captures the victim’s IP address and redirects it to a subdomain (for example, https://www.vsecurelabs.co/). This causes the victim computer to re-send the IP request, but this time to the subdomain. The Rebind program responds with two IP addresses – the victim’s own IP address and the victim’s IP address recorded in the previous step. Next, the attacked PC requests the content of the website – this time from the subdomain https://www.vsecurelabs.co/. At this point, the hacker sends a special Rebind program to the victim and blocks all connections to the attacking computer that were made over HTTP through port 80.

JavaScript sends a new request to https://www.vsecurelabs.co/, which is rejected because it works on the blocked port 80. The connection to the first IP does not work, and the victim computer tries the second address received from the cracker. This IP is the address of his own router – and the attacked PC establishes an internal connection with it.

The hacker’s computer can now access the router through the attacked machine by sending control commands to a JavaScript program embedded on the affected PC. To do this, he establishes (in addition to connecting to the router) also a connection with the hacker’s website. As a result, the attacked PC thinks every time that it is connected to the https://www.vsecurelabs.co/resource, and not its own router. The hacker sends control commands through his website, but port 81 is used (after all, the 80th is constantly blocked). The subdomain https://www.vsecurelabs.co/ is connected to the external IP of the victim’s computer. This gives the cracker access to the router interface.

Elementary protection

A hacker can configure a victim’s router in such a way that some or even the entire Internet traffic will pass through his server, and at the same time gain access to data or the home network itself. But for this tactic to bear fruit, the attacker must know the password to access the router’s settings. And here banal human laziness comes to his aid. Most users leave the default password and never change it. For hackers, who, of course, know the standard keys of all manufacturers, penetration into someone else’s network is much easier. That is, protection against such attacks is elementary: just change the standard password to your own, at least ten characters long. It should not be a meaningful word, but a random sequence of letters of different case, numbers and special characters. Write this code down on a piece of paper and attach it to the bottom cover of your router. As long as no one gets into your house, the password will be reliably protected

New hacker tricks

Black Hat and Def Con – the largest and most authoritative gatherings of hackers from around the world each year, are the focus of the secret services and criminal police. At these events, security experts present their latest findings.