Jump to content
Vodia PBX forum
5953lc

Owning VOIP Phones With Zero Clicks via malicious web payload

Recommended Posts

If you leave the default password on phones, well don't be surprised if someone takes them over. We get criticized for provisioning long passwords, but articles as the one you mention make again clear that this is necessary.

Share this post


Link to post
Share on other sites

This is what I use ... https://www.grc.com/ppp.htm

 

Each time you load the page, a new, unique, high-quality, pseudo-random 256-bit PPP "Sequence Key" whenever this page is displayed or refreshed thus generating another set of random passwords (Using 4-characters per passcode, 16,777,216 passcodes are possible, but you can, and should use 6 or 8 characters for even better security).

 

You can then print out a list of random easily readable passwords ...

 

Just set the password length to less than the maximum password length your using and "voila"

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...