Your PLDT WiFi can be hacked

Your PLDT WiFi can be hacked  – you should change your PLDT wifi password right now.

It might be common knowledge to many in the IT industry, but your average Juan or Juana aren’t aware that their WiFi network is at risk. For this post we’ll talk about PLDTMYDSL specifically.

After the technician finishes the setup of your internet connection and leaves your house, they would have left you your pre-installed WiFi password. And there’s a big chance that password is insecure and easily hackable. To check this, follow the steps below:

If you don’t want to fiddle with the command terminal in your mac or windows machine, download a wifi analyzer app like: https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en (as of ios 11, apple has blocked any app from accessing MAC addresses in the ARP table)

pldtdsl-wifianalyzer

In the display you’ll be able to see the MAC address of different access points. To get the password of an insecure wifi hotspot, follow this formula.

  • PASSWORD = PLDTWIFI+last 5 digit of MAC address
  • Last 5 digit of MAC address = (00:13:33:3c:1b:c8) = C1BC8
  • PLDTWIFIC1BC8

Bonus points: Type this in your browser – http://192.168.1.1 (adminpldt – 1234567890).

That’s it! I’m not sure why PLDT does this, and why they don’t just ask their clients what password they wanted in the first place.

If you or your organization is concerned about network security, let NullForge test the resiliency of your wireless networks.

Comments