Router Cracker Application
Posted by Pedro in News, Others on Nov 17th, 2009 | 7 comments
Recently I’ve read a internet article on “How To Crack Thomson/Speedtouch Password”, I got pretty surprise for the simplicity and how easy you could retrieve the router default password + SSID, using the serial number. Of course if you want to steal your neighbor’s internet it won’t be as much simple has you think, it requires that you know your neighbor router serial number OR that you find a online website which already generated a hand full of serials, from all years (07-09) and this way you can get the default password using the SSID (usually appears next to the wireless network name).
After reading carefully the explanation about cracking the router I decided to quickly code a application capable of retrieving the router Default Password and SSID, unfortunately it will work only if you know the routers serial number. Maybe in a future version you will be able to get the data using only the SSID. Subscribe to this post if you want to get updates.
Below I leave you with the details:
My Application + Download
The application I developed is fairly simple:
Once you’ve inserted the serial in the first box, you will be able to get both password and SSID.
I included also a feature which let’s you Add/Save/Load a list with all of your serials.
Download APP
Size: 335.99kb
MD5: e208a1f851b8acf01f7f3ff4fe6436b0
Link: Thomson Cracking Application
Serial Number Explanation
Using the Thomson/Speedtouch serial number (example: CP0817AH1AB (A1) ), we are able to discover, not only the default password of the router but also the SSID
CP YY WW PP XXX (CC)
Each item has it’s own significance:
YY - Year of Production
WW – Production Week
PP – Product Code
XXX - Unkown
CC – Configuration Code
The XXX value, is unknown and must always be composed by capital letters and numbers.
Cracking Step-by-step
Let’s use the serial number “CP0817AH1AB” as an example:
- Remove the PP (AH) and it will result in CP08171AB
- Convert the 1AB to hexadecimal (below is a delphi example)
code := '1AB'; for I := 1 to strlen(PChar(code)) do begin c := ord(code[i]); hex := hex + IntToHex(c,1); end;
- The c0nverstion will result in 314142, add this to the part we left behind CP0817314142
- Now you need to create the SHA1 hash code of the last result (CP0817314142), which will be bc8c18aec9e740c37be79e7f2058c50fd922e4bb
- bc8c18aec9 -Is the default router password (WEP/WPA)
- 22e4bb -Is the SSID of the router
These few steps are all that’s necessary to crack a Thomson/Speedtouch router.
Source: http://fodi.me/internet/algoritmo-chaves-wireless-thomson-meo/ (Portuguese)
7 Responses to “Router Cracker Application”
Leave a Reply
About Me
podes enviar-m sff a app ? n consigo atraves do rapidshare da erro
..
gd abraço obrigada
Ok, já mandei o e-mail
post mt fixe!
mas realment dava mm jeito era haver a possibilidade de introduzir o ssid… ha alguma maneira pra isso?
há sim, a base de dados demora bastante tempo a ser criada, eu irei pô-la aqui assim que possivel
I admire the valuable information you offer in your articles.I enjoying reading your post. You make 100% valid points in a concise and pertinent fashion, I will read more of your stuff, thank you for your time.
Refreshing webpage. My friends and I were just talking about this the other night. Also your site looks excellent on my old sidekick. And thats rare. Nice work.
Complicado não é, demora um bocadinho visto que tenho de criar uma base de dados de hashes, a conversão contrária não é possivel, SHA1 é "one way encryption".
Eu irei fazer isso daqui a 1 ou 2 dias.