Tuesday, August 18, 2009

Hack the most out of Sify Broadband


Sify Broadband customers, this post is for you.

Most Sify Broadband customers are on a switched network, which makes MITM attacks very much possible. Some network admins have secured their networks against this kind of attack, but the main flaw in Sify still exists.


(NOTE: THIS ARTICLE IS MEANT FOR EDUCATIONAL PURPOSE ONLY. I WILL NOT BE HELD RESPONSIBLE FOR ANY HARM DONE BY YOU TO YOURSELF OR ANYONE.)

Main flaw in Sify: their authentication system.

How does Sify's authentication system work?

Sify authenticates a client by checking the following parameters.

1] Username
2] Password
3] IP address
4] MAC address

If any of the above does not match the records in their database, you are not logged on.

So what's the flaw? Everything seems so perfect.
Well, suppose Mr. X and Mr. P are friends who have a Sify connection, but Mr. P's prepaid account has expired. All he has to do is find out when Mr. X is online and change his IP and MAC address to those of Mr. X. That will get him online on Mr. X's broadband account.

The above means that if you can find someone who is logged into his Sify account, you can piggyback on his session and access the Internet. This is also termed session hijacking. All you need is an IP and MAC address. The username and password are not required if you want to use someone else's connection, provided that he/she is logged on.
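Seen from the operator's side, the weakness described above shows up as one authenticated IP/MAC pair appearing on a second switch port while its session is still active. The following is an added example, not code from the original post, that flags this condition over constructed records; the record layouts, user names and the assumption that the login port is recorded are all hypothetical.

```python
# Constructed sample data (assumed format, not Sify's real records).
# Session: (username, ip, mac, switch, port, login_ts, logout_ts or None)
SESSIONS = [
    ("user_x", "10.0.5.21", "00:11:22:33:44:55", "sw1", 7, 1000, None),
    ("user_q", "10.0.5.30", "00:aa:bb:cc:dd:ee", "sw1", 9, 1100, 1500),
]
# Switch "address learned" event: (ts, switch, port, mac, ip)
LEARN_EVENTS = [
    (1005, "sw1", 7, "00:11:22:33:44:55", "10.0.5.21"),   # login port
    (1300, "sw1", 12, "00-11-22-33-44-55", "10.0.5.21"),  # same pair, other port
    (1400, "sw1", 9, "00:AA:BB:CC:DD:EE", "10.0.5.30"),   # login port, upper case
    (1600, "sw1", 14, "00:aa:bb:cc:dd:ee", "10.0.5.30"),  # after logout
    (1700, "sw1", 7, "00:11:22:33:44:55", "10.0.5.99"),   # IP with no session
]


def norm_mac(mac):
    """Normalise case and separators so equal addresses compare equal."""
    return mac.lower().replace("-", ":")


def find_cloned_sessions(sessions, events):
    """Alert when an authenticated IP/MAC pair is learned on a port other
    than its login port while the session is still active."""
    active = {}
    for user, ip, mac, switch, port, start, end in sessions:
        active.setdefault((ip, norm_mac(mac)), []).append(
            (user, switch, port, start, end))
    alerts = []
    for ts, switch, port, mac, ip in sorted(events):
        for user, s_sw, s_port, start, end in active.get((ip, norm_mac(mac)), []):
            in_window = start <= ts and (end is None or ts <= end)
            if in_window and (switch, port) != (s_sw, s_port):
                alerts.append({
                    "ts": ts, "user": user, "ip": ip, "mac": norm_mac(mac),
                    "login_port": f"{s_sw}/{s_port}",
                    "seen_port": f"{switch}/{port}",
                })
    return alerts


if __name__ == "__main__":
    for alert in find_cloned_sessions(SESSIONS, LEARN_EVENTS):
        print(alert)
```

On managed switches, port security and DHCP snooping with dynamic ARP inspection enforce the same binding at the port itself; this check is the log-side equivalent.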

Method 1:
Search on Google for IP and MAC scanners; I'm sure there are plenty of them out there. A good MAC changer would be Technitium MAC Changer, and you could use Angry IP Scanner for getting the MAC address and IP address.

Method 2:
Another way to get the IP and MAC is to get control of your switch.

How do I do that?
Note that your switch is always located at your gateway IP address.
Connect to the switch by typing "telnet 10.xxx.xxx.1" (replace this with the IP address of your switch).
The switch will now ask for a password; go to Governmentsecurity.org for a list of default logins and passwords.

Look around the switch for the command that lists all the IP addresses and their corresponding MAC addresses.

2 comments:

Fakeer said...

I've been enjoying this for some 5-6 months.. recently local Sify guys unplugged my cable and then I recharged again.. :)
Right now a friend of mine is doing the same.. we both get the same speed though.. (it wasn't the case when I was piggybacking a friend.. couldn't figure out how)
Nice post.. however etherchange does the job a lot better.. esp. on Vista where resides this obnoxious UAC..

prixti said...

I loved the feature where you could save IP / MAC combination configuration, so next time you don't have to go and find out the MAC again.

After a while I got so many configs that I could remain online for 24 hours. ;)
