Exploiting MoCA to Hack into Lan/Wan

[Corrosive]

I found a somewhat old article that proves to be a good read. I thought others here might find it interesting.

MoCA is used in the Dish hopper/Joey installations and I'm sure it's used in other networks as well. The general idea is that because MoCA allows internet/Ethernet packets to be piped over the same coax as your satellite video feed you can break the line back out and access the raw packets.

Allowing you to access the local network and/or internet from the coax on the side of the building. From there an attacker could target anything on the network.

https://www.defcon.org/images/defco...MoCA-an-Automated-Penetration-Platform-WP.pdf

 

[harshness]

It is imperative not to confuse DISH's MoCA (or DIRECTV's "DECA") with FIOS' or cable's version of MoCA. They use significantly different frequency bands so the MoCA adapters aren't interoperable.

Hopper nodes don't pass MoCA out to the antenna so if your node is indoors, you should be relatively safe (safer than having Wi-fi anyway). DIRECTV's system more readily supports splitting outdoors so that could be a problem if it is installed that way.

If you have Joey (or Genie Mini) cabling running outside your home, you run a higher risk (assuming that the predator has an appropriate adapter), but again, perhaps not as high as having Wi-fi active.

 

[Corrosive]

I don't see many installs with the node indoors, sure it happens but quite frequently it's outside. Though I would agree the chance of someone just breaking into your wifi connection is greater. I just found it interesting to see that someone had the forethought to try and attack MoCA based networks.

WPS is now supported on nearly every router/gateway on the market and that was broken from day one.