
Researchers crack default iPhone Personal Hotspot passwords in under a minute

post #1 of 27
Thread Starter 
The default generated passwords protecting the mobile hotspot feature of Apple's iPhones and iPads are weak and flawed, according to a group of German researchers claiming to be able to crack iOS Personal Hotspot keys in less than a minute.


In a paper (PDF) titled "Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots," researchers from the University of Erlangen demonstrate that iOS generates weak default passwords for its mobile hotspot feature. The researchers found that the mobile hotspot feature is quite susceptible to brute force attacks on the WPA2 handshake.

The paper holds that iOS generates its default passwords based on a word list of roughly 52,500 entries, though iOS apparently relies on about 1,842 of those entries. Additionally, the process for selecting words from the list is insufficiently randomized. That leads to a skewed distribution of words that go into default passwords. That skewed distribution apparently makes it easier to crack a device's password.

Using a GPU cluster with four AMD Radeon HD 7970s, the researchers claimed a 100 percent success rate in cracking iOS-generated passwords. Over the course of the experiment, the researchers got the time to retrieve a password down to around 50 seconds.

The paper notes that "access to a mobile hotspot also results in access to services running on a device." It points to apps like AirDrive HD and other wireless sharing apps as the first easily accessible services once access to the device has been gained.

Besides access to certain apps on the device, the paper also notes that computers and other smart devices connected to the hotspot could also be affected. Additionally, an attacker might be able to intercept messages passing between connected devices and the mobile hotspot.

The researchers write that the entire process of identifying targets, deauthenticating wireless clients, capturing WPA handshakes, and cracking hotspot default passwords could easily be automated. The team even built an app, Hotspot Cracker, in order to automate the word list generation process. The computing power necessary to brute force crack the password, they say, could be supplied by cloud computing services.

In all, the paper notes that the tendency for device manufacturers to make their default hotspot passwords easily memorizable is the main cause of the vulnerability. The researchers call for truly randomized passwords to be the default setting for mobile hotspot-capable devices.

"In the context of mobile hotspots," the report concludes, "there is no need to create easily memorizable passwords. After a device has been paired with once by typing out the displayed hotspot password, the entered credentials are usually cached within the associating device, and are reused within subsequent connections."

The paper also notes that Windows Phone 8 and Android devices can be vulnerable to similar attacks. Android by default generates tougher passwords, but many vendors modify the system for their own devices and change the password settings. Windows Phone 8 passwords consist of only eight-digit numbers, giving hackers a search space of 10^8 candidates.
post #2 of 27
Good this is coming out now; iOS 7's GM will probably fix this to the liking of most.
post #3 of 27
There's a flaw?

Then it will be fixed in an update, just like Apple usually does.

Big. Frickin. Deal.

In the meantime, remain suspicious of strangers who move alongside you continuously...
Android: pitting every phone company in the world against one, getting a higher number, and considering it a major achievement.
post #4 of 27
Solution: Don't use the suggested password. Make your own.
Augmented solution: keep an eye on the status bar that shows how many devices are connected.
post #5 of 27

Love the title 'researchers'. I am a researcher in breaking into people's houses. Should I get in, I research their bedroom drawers.

 

Yeah yeah, I know. It's valid and all that, but were they always called researchers? Or are they researchers by daytime only?

post #6 of 27

This same article was on 9to5Mac and pretty much you would have to carry around a BIG computer and gear to accomplish this.

Can you imagine walking into your local coffee place with all that stuff? Right.....

post #7 of 27
Does anyone know how many authentication attempts iOS can handle per second? This is based on how fast they could generate passwords, but they never actually logged into the system from what I could tell. The 1 minute try was at 390,000 guesses per second and would need about 100,000,000 BITS per second bandwidth.
post #8 of 27
Quote:
Originally Posted by HappyAppleUser View Post

This same article was on 9to5Mac and pretty much you would have to carry around a BIG computer and gear to accomplish this.

Can you imagine walking into your local coffee place with all that stuff? Right.....

Most things that you can do with a "big computer" can be done with the big computer located elsewhere.  I suspect someone could turn a generic smartphone into a front end for this pretty easily.

 

This is a good example of how these kinds of vulnerabilities should be discovered, reported, and (presumably) fixed.  I'm surprised the Apple security guys didn't catch this sooner.  Or perhaps they did and now they are having a "we told you so" moment.

post #9 of 27
Quote:
Originally Posted by Steven N. View Post

Does anyone know how many authentication attempts iOS can handle per second? This is based on how fast they could generate passwords, but they never actually logged into the system from what I could tell. The 1 minute try was at 390,000 guesses per second and would need about 100,000,000 BITS per second bandwidth.

 

Wow.  Excellent question.  That sounds more like a denial of service attack vulnerability when you put it like that. 

post #10 of 27

As usual another overhyped news about nothing, here is why:

 

1) I don't know anyone who keeps their Wi-Fi tethering ON when they don't use it, for a) battery concern and b) privacy concern.

 

2) When internet sharing is in use, the iPhone instantly shows a notification on the home screen.

 

3) It's a brute force hack that needs the iPhone to be in range.

 

4) No private data on the iPhone is at risk (AirDrive and other third-party sharing solutions are sandboxed); the only prize for the attacker is to momentarily gain free wireless Internet access. According to the article, the hacker team said it could develop a smartphone app with the help of cloud computing.  I fail to see the usefulness of hacking others' internet services when you already have one. 

 

I've got way more concern about Wi-Fi insecurity on domestic routers or public honeypots than about generated passwords for the iPhone's Personal Hotspot.


Edited by BigMac2 - 6/19/13 at 11:59am
post #11 of 27
Well if somebody is attaching to your Personal Hotspot, you'd see it in the prominent blue banner across your screen. This doesn't seem like a serious issue.

And in my experience, to connect reliably you have to turn hotspot off and back on again before you want to connect just to make it active. So any attempt to crack into your phone and use your data plan would have to be extraordinarily targeted.
post #12 of 27
Quote:
Originally Posted by HappyAppleUser View Post

>This same article was on 9to5Mac and pretty much you would have to carry around a BIG
>computer and gear to accomplish this. Can you imagine walking into your local coffee place with
>all that stuff? Right.....

Like the newly announced Mac Pro that fits in a shoulder bag, has a 12-core Xeon and dual GPUs? Then, too, the researchers suggest it could be cracked via the cloud, so the Starbucks-local hardware need only be a prior-gen iPod Touch w/ a WiFi connection. Beware nerdy-looking coffee sippers with white ear-buds and wearing a tinfoil hat! They could be hacking you right now.
post #13 of 27

Sounds pretty simple. I wonder how long the NSA has been exploiting this.

post #14 of 27
So if I'm being shadowed by an Android-toting geek with a 16 Teraflop cluster on his back, I should change my Hotspot password if I switch it on - good to know!

Ah! Ze Germans.

McD
Why does somebody ask me a question, I can never understand, I can never provide the answer, but believe I can.
post #15 of 27
Quote:
Originally Posted by GTR View Post

There's a flaw?

Then it will be fixed in an update, just like Apple usually does.

Big. Frickin. Deal.

In the meantime, remain suspicious of strangers who move alongside you continuously...

Especially if they're holding a GPU cluster with four AMD Radeon HD 7970s in their hands.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
post #16 of 27

The way this attack works is not attempting to connect to the phone repeatedly.  That wouldn't work.  What happens is that they monitor the wireless data going to the phone, waiting for network authentication to occur, i.e., when you turn on your laptop and start the connection.  This traffic is in an encrypted form.  So they take this data and run it through their program to determine what the key is.

 

The hardware needed to read the encrypted data floating in air can be as simple as another phone.  This can then be sent to the powerful computer to decrypt, and then return the data back to the phone.  No big computer is needed onsite for this to work.

 

Now, for this to work, they have to capture the exact data at the time that you authenticate to the network.  If your hot spot is on, but nobody is attempting to tether, they cannot gain access to the key.  This means there's no need to turn off the hotspot feature when you're not using it in an effort to prevent this attack.  There are ways to trick connected devices into reauthenticating their connections, so during the duration of your connection, you are vulnerable to this attack.

 

Now, of course, if they do connect to your device, there is going to be a notification on the screen.  However, if your phone is in your pocket, you won't necessarily see that.

 

For most people, the risk of using the auto generated password is minimal.  In fact, it's better than 12345 that they would probably enter on their own.  Having Apple put a more difficult auto password in the phone would result in people changing it to easy to guess passwords, so 'fixing' the problem would likely make things worse.  A simple solution is when you see the default password, CHANGE it to something more complex.  Random letters and numbers are no more complex than strings of words for a computer to guess.  A34fD#'cG is hard for a human to remember. thehorseateyellowbutterflies is relatively easy to remember.  But for a computer guessing, the latter would be far more difficult.

post #17 of 27
Quote:
Originally Posted by malax View Post

Most things that you can do with a "big computer" can be done with the big computer located elsewhere.  I suspect someone could turn a generic smartphone into a front end for this pretty easily.

This is a good example of how these kinds of vulnerabilities should be discovered, reported, and (presumably) fixed.  I'm surprised the Apple security guys didn't catch this sooner.  Or perhaps they did and now they are having a "we told you so" moment.

So someone sets up a smartphone as a front end being connected to a computer (presumably through the Internet) and manages to crack the password for... What? The Internet? He must already have that to access his "big computer located elsewhere". Am I missing something here? What does someone gain by cracking the password other than a hotspot that will eat up my data allowance?
post #18 of 27

With all the "stay away from geeks with GPU clusters on their back" and "just keep a close eye on your connections", there seem to be some serious misconceptions in this thread. Based on the information in this report, the following would be a more plausible scenario.

 

Let's say I go by 'Mr. Hacker', and am bored one afternoon. That afternoon, I decide to go to a place where I know mobile hotspots are in high use; like a train station. I pull out my cell phone to monitor wireless traffic and capture a WPA handshake that takes place when a wireless connection first authenticates. Oh look....there you are turning on your laptop and fiddling with your phone...any second now. Bingo...we have our WPA handshake to get us moving.

 

I then send your WPA handshake down to my retired bitcoin miner at home with more than enough GPU power to hash away at lightning speed. Less than a minute later, I now have your cracked password, with your derived PMK and PTK. So what to do next? Connect to your phone now that I know your password? Heck no! Only an idiot would do that! With your PMK, PTK, and spoofing your laptop's MAC address...as far as your phone knows...I AM YOUR LAPTOP! No new connection required.

 

What to do now? Well...let's first try to SSH and see if that bad boy was jailbroken. If so...I can do anything I want with it! Or maybe I'll just capture all your traffic to analyze for later. You would be shocked to know how many username and passwords are transmitted over unencrypted POST vars! If I'm really sophisticated, maybe I'll play a man-in-the-middle attack when you go to check your bank account. The possibilities are truly endless!


Edited by e_veritas - 6/19/13 at 1:18pm
post #19 of 27
Quote:
Originally Posted by Brian Jojade View Post

...Random letters and numbers are no more complex than strings of words for a computer to guess.  A34fD#'cG is hard for a human to remember. thehorseateyellowbutterflies is relatively easy to remember.  But for a computer guessing, the latter would be far more difficult.

Not necessarily. Password crackers incorporate dictionaries and commonly used patterns into their algorithms. A string of five randomly generated characters (even if you restrict the character set to something like lowercase letters) will always beat a five letter word or a two and three letter word put together. Though, in general you are right. It is much easier for humans to remember a string of words (even if they are randomly chosen, like they should be) than it is to remember a random string of characters.
post #20 of 27
Quote:
Originally Posted by e_veritas View Post

With all the "stay away from geeks with GPU clusters on their back" and "just keep a close eye on your connections", there seem to be some serious misconceptions in this thread. Based on the information in this report, the following would be a more plausible scenario.

 

Let's say I go by 'Mr. Hacker', and am bored one afternoon. That afternoon, I decide to go to a place where I know mobile hotspots are in high use; like a train station. I pull out my cell phone to monitor wireless traffic and capture a WPA handshake that takes place when a wireless connection first authenticates. Oh look....there you are turning on your laptop and fiddling with your phone...any second now. Bingo...we have our WPA handshake to get us moving.

 

I then send your WPA handshake down to my retired bitcoin miner at home with more than enough GPU power to hash away at lightning speed. Less than a minute later, I now have your cracked password, with your derived PMK and PTK. So what to do next? Connect to your phone now that I know your password? Heck no! Only an idiot would do that! With your PMK, PTK, and spoofing your laptop's MAC address...as far as your phone knows...I AM YOUR LAPTOP! No new connection required.

 

What to do now? Well...let's first try to SSH and see if that bad boy was jailbroken. If so...I can do anything I want with it! Or maybe I'll just capture all your traffic to analyze for later. You would be shocked to know how many username and passwords are transmitted over unencrypted POST vars! If I'm really sophisticated, maybe I'll play a man-in-the-middle attack when you go to check your bank account. The possibilities are truly endless!

 

Great scenario, but it's much easier to open an unencrypted Wi-Fi in public places, let any devices connect to it and then do whatever man-in-the-middle attack you want, pretty simple without any brute force key decryption. 

post #21 of 27
Quote:
Originally Posted by e_veritas View Post

With all the "stay away from geeks with GPU clusters on their back" and "just keep a close eye on your connections", there seem to be some serious misconceptions in this thread. Based on the information in this report, the following would be a more plausible scenario.

 

Let's say I go by 'Mr. Hacker', and am bored one afternoon. That afternoon, I decide to go to a place where I know mobile hotspots are in high use; like a train station. I pull out my cell phone to monitor wireless traffic and capture a WPA handshake that takes place when a wireless connection first authenticates. Oh look....there you are turning on your laptop and fiddling with your phone...any second now. Bingo...we have our WPA handshake to get us moving.

 

I then send your WPA handshake down to my retired bitcoin miner at home with more than enough GPU power to hash away at lightning speed. Less than a minute later, I now have your cracked password, with your derived PMK and PTK. So what to do next? Connect to your phone now that I know your password? Heck no! Only an idiot would do that! With your PMK, PTK, and spoofing your laptop's MAC address...as far as your phone knows...I AM YOUR LAPTOP! No new connection required.

 

What to do now? Well...let's first try to SSH and see if that bad boy was jailbroken. If so...I can do anything I want with it! Or maybe I'll just capture all your traffic to analyze for later. You would be shocked to know how many username and passwords are transmitted over unencrypted POST vars! If I'm really sophisticated, maybe I'll play a man-in-the-middle attack when you go to check your bank account. The possibilities are truly endless!

 

Thanks for filling in the actual process of how this would work.

post #22 of 27
Quote:
Originally Posted by e_veritas View Post

With all the "stay away from geeks with GPU clusters on their back" and "just keep a close eye on your connections", there seem to be some serious misconceptions in this thread. Based on the information in this report, the following would be a more plausible scenario.

 

Let's say I go by 'Mr. Hacker', and am bored one afternoon. That afternoon, I decide to go to a place where I know mobile hotspots are in high use; like a train station. I pull out my cell phone to monitor wireless traffic and capture a WPA handshake that takes place when a wireless connection first authenticates. Oh look....there you are turning on your laptop and fiddling with your phone...any second now. Bingo...we have our WPA handshake to get us moving.

 

I then send your WPA handshake down to my retired bitcoin miner at home with more than enough GPU power to hash away at lightning speed. Less than a minute later, I now have your cracked password, with your derived PMK and PTK. So what to do next? Connect to your phone now that I know your password? Heck no! Only an idiot would do that! With your PMK, PTK, and spoofing your laptop's MAC address...as far as your phone knows...I AM YOUR LAPTOP! No new connection required.

 

What to do now? Well...let's first try to SSH and see if that bad boy was jailbroken. If so...I can do anything I want with it! Or maybe I'll just capture all your traffic to analyze for later. You would be shocked to know how many username and passwords are transmitted over unencrypted POST vars! If I'm really sophisticated, maybe I'll play a man-in-the-middle attack when you go to check your bank account. The possibilities are truly endless!

 

Finally someone gets it....thanks for explaining it for us.....

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

post #23 of 27
.
Edited by softeky - 6/19/13 at 3:31pm
post #24 of 27
Quote:
Originally Posted by softeky View Post

Doesn't it take a minute or so before iOS indicates acceptance of a hotspot password? With several hundred thousand candidate passwords to check, that's an awfully long time to wait around. It might take 50 seconds to generate the candidate passwords but it'll likely take days to find the one that works on any given hotspot (do people generally run hotspots from their iOS devices for that length of time?).

Am I missing something here?

 

The vulnerability detailed in this paper has nothing to do with brute forcing a password via authentication attempts as you are suggesting. It has to do with deriving the original PSK (password) by hashing possible PSKs to match a captured WPA handshake. Normally this is a very tedious process because of the vast numbers of potential PSKs to sort through. However, this paper highlights that iOS has a high probability of selecting from a very small pool of possible default PSKs, making it easier to crack.
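The offline guessing cost that posts #16, #18 and #24 describe, combined with the small word pool and the 390,000 guesses per second quoted earlier in the thread, as an added example that is not code from the article, the paper or any poster. It assumes the paper's default-password format of one list word followed by a four-digit number (not stated in the article above, so labelled an assumption in the code) and models the "skewed" word selection with a constructed Zipf distribution rather than the distribution the paper measured; the PSK-to-PMK step is the standard IEEE 802.11i PBKDF2 mapping.

```python
# Added example: why an online lockout (post #27) does not help against the
# offline attack in posts #16, #18 and #24, and how much the word pool matters.
import hashlib

RATE = 390_000         # candidate keys per second quoted in post #7
IOS_LIST = 52_500      # word-list size reported by the article
IOS_USED = 1_842       # entries the article says iOS actually tends to use
SUFFIX_SPACE = 10_000  # ASSUMPTION: list word + four-digit number (paper's format)
WP8_SPACE = 10 ** 8    # Windows Phone 8: eight decimal digits


def wpa2_pmk(ssid: str, passphrase: str) -> bytes:
    """IEEE 802.11i PSK -> PMK mapping: PBKDF2-HMAC-SHA1, 4096 rounds, 32 bytes.
    This is the entire per-candidate cost for an attacker holding a captured
    4-way handshake; nothing is sent to the phone, so a lockout after N failed
    joins never fires. A defender's only lever is the size of the key space."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def uniform_guesses(space: int) -> float:
    """Expected guesses to find a uniformly chosen secret among `space` values."""
    return (space + 1) / 2


def expected_guesses(weights) -> float:
    """Expected guesses for a skewed generator when candidates are tried in
    descending probability order (guesswork): E = sum_i i * p_i."""
    total = sum(weights)
    ranked = enumerate(sorted(weights, reverse=True), start=1)
    return sum(i * w / total for i, w in ranked)


def expected_guesses_with_suffix(word_weights, suffix_space: int) -> float:
    """Skewed word followed by a uniform suffix: every word expands into
    `suffix_space` equally likely candidates, so the expected rank is
    suffix_space * (E_word - 1) + (suffix_space + 1) / 2."""
    e_word = expected_guesses(word_weights)
    return suffix_space * (e_word - 1) + (suffix_space + 1) / 2


def zipf_weights(n: int, s: float = 1.0):
    """CONSTRUCTED skew model (weight 1/rank^s); the paper measured the real one."""
    return [1.0 / (rank ** s) for rank in range(1, n + 1)]


def seconds_for(guesses: float, rate: int = RATE) -> float:
    return guesses / rate


def crack_time_table(word_weights=None, rate: int = RATE) -> dict:
    """Expected seconds to recover a default key under each password policy."""
    weights = zipf_weights(IOS_USED) if word_weights is None else word_weights
    return {
        "iOS, full 52,500 list, uniform": seconds_for(uniform_guesses(IOS_LIST * SUFFIX_SPACE), rate),
        "iOS, 1,842 words, uniform": seconds_for(uniform_guesses(IOS_USED * SUFFIX_SPACE), rate),
        "iOS, 1,842 words, skewed": seconds_for(expected_guesses_with_suffix(weights, SUFFIX_SPACE), rate),
        "Windows Phone 8, 8 digits": seconds_for(uniform_guesses(WP8_SPACE), rate),
        "random 12-char alphanumeric": seconds_for(uniform_guesses(62 ** 12), rate),
    }


if __name__ == "__main__":
    for policy, secs in crack_time_table().items():
        print(f"{policy:32s} {secs:16.1f} s  ({secs / 86400 / 365:.3g} years)")
```

The 1,842-word row lands in the tens of seconds, matching the article's "around 50 seconds" figure for exhausting that pool, while a truly random 12-character password (the researchers' recommendation in spirit) moves the same hardware to astronomical time.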

post #25 of 27
I hate that a regular Verizon or AT&T plan doesn't support the Wi-Fi hotspot.
post #26 of 27
"In the meantime, remain suspicious of strangers who move alongside you continuously..."

Hahaha
post #27 of 27
Shouldn't there be a way for the login function to shut down after say 5 wrong guesses in a row? And then give the guesses a time out for 5 minutes? And the time outs get radically longer after say the 3rd go round? I think if you try and randomly log into an iPhone, it does this kind of defense. It would basically kill the option of a brute force attack.