| welcome to social.hackers | posts are made by Clocwork and Shadowdrifter | added some new hack diaries + podcasts |

Saturday, April 30, 2011

Router Hacking.

Todays post is on router hacking. I am not going very indepth on how
to hack routers. I will just be going over a few ways to find unsecure routers, and poorly configured routers
The simplest way is to just gain access to the network, and go commonly to
192.168.1.1 for the router page. You will encounter routers without passwords, but you should learn some of the most common
default passwords for routers just in case.

Common default passwords for any router username:password:


admin:admin.
admin:password.
admin: no password.
nothing in either username nor password.
admin:guest
guest:password

Those few password combinations will be the most commonly used. I personally used admin:admin just the other day.
Now we have logged into router so what can we do? Well the first thing we can do is enable remote management ( Remote management is the ability to control the router from a remote location); it is different
for each router, and some do not even have the option.  If you do happen to find the option; you will need to change the default
password, and make sure you allow your I.P address to connect. This is all very self explanatory when you are familiar with routers.
By the end of this post you will be well on your way to becoming an expert at router configuration.

Now its easy to find routers from just finding secure, and unsecure wireless networks to try and access. There are a lot of
routers that web interfaces are actually indexed in Google! So with a simple Google dork we can find dozens even hundreds of unsecured routers
just waiting for someone to experiment with.

Google dorks to find routers:

intitle:"SpeedStream * Management Interface"      ( Speed Stream routers )

intitle:"Setup Home" "You will need * log in before * * change * settings"  ( Belkin routers )

intitle: "actiontec" main setup status " Copyright 2001 Actiontec Electronics Inc"


Those three dorks should keep you busy for quite some time. Now there is one more method that is hit, and miss really.
If you happen to find a target. Port scan them, and look for port 23 which is by default Telnet. There are a lot of off the shelves routers with telnet
active with only the default passwords in place. Which are very similar to the default router passwords except for a select few.

Default Telnet router passwords:


guest:guest
guest:password
user:guest
admin:guest

That is all for now; may your blades stay sharp, your mind sharper! Shadowdrifter.
Posted by social.podcaster at 3:24 PM
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)