Nearly half of Internet users worldwide using ADSL routers / modems to connect to the Internet, however, most of them ignore the fact that he has a serious vulnerability that can be easily exploited by a pirate, even a beginner just like you. In this post I will show you how to exploit a vulnerability that is common in most routers, ADSL, so you have full access to the router settings and ISP login details.
Each router comes with a user name and password using which you can access the router settings and configure the device. The vulnerability is actually the username and password that comes with default settings. Typically, routers are preconfigured by the ISP, so users do not care to change your password later. This allows attackers to gain unauthorized access and change settings on the router using a common set of user names and passwords by default.Here is how you do.
Before you begin, you need the following tool in the process
Angry IP Scanner
Here is detailed information on how to exploit the vulnerability of a router ADSL.
Step 1: Go to www.whatismyipaddress.com. Just load the page you will find the IP address.Write it down.
Step 2: Start Angry IP Scanner, you'll see an option called IP range: you must enter the IP address range to scan.
Let's say your IP is 117.192.195.101, you can set the order as something to 117.192.194.0 117 192 200 255, so there is atleast 200-300 IP addresses in the area.
Step 3: Go to Tools-> Preferences and select the Ports tab. Under Select the port insert 80 (should be looking for port 80). Now, go to the View tab, select the "Breakfast with the only open ports" and click OK.
I used Angry IP Scanner v3.0 beta-4. If you use a different version, you must go to Tools Options, instead of
Step 4: Click Start. After a few minutes, the scanner will display a list of IP addresses using port 80 open as shown below.
Step 5: Now copy any of the IP in the list, paste it into the address bar of your browser and press enter. A pop-up asking the user name and password. Since most users do not change their passwords, more work is probably with your username and password by default. For most routers default user name, password pair that is an administrator or manager-admin-password.
Simply enter your username and password, as defined above and press Enter. If you're lucky, you will need to access the settings page of the router where you can change the router. This page settings may vary from router to router. The router's configuration page sample below.
If you do not have access, select a different IP from the list and repeat step 5. Atleast 1 of 5 IPs will be a default password, and then it will definitely be able to access.
What can an attacker with access to configure the router;By accessing the settings router, it is possible for an attacker to change the router settings which leads to dysfunction of the router. Consequently, the computer user's goal will be disconnected from the Internet. At worst, the attacker can copy the connection information from the router ISP to steal the internet or play any kind of joke with the settings of the router. While the victim must reconfigure the router to bring it into action.
The verdict:If you use a router ADSL to connect to the Internet, it is strongly recommended an immediate change of your password to prevent any attack in the future. Who knows, could be the next victim of such an attack.
Since the formation varies from router to router, you should contact your ISP for details on how to change your password for your model.
Caution!All information in this post is for educational purposes only. Please do not use this information for illegal purposes.
Each router comes with a user name and password using which you can access the router settings and configure the device. The vulnerability is actually the username and password that comes with default settings. Typically, routers are preconfigured by the ISP, so users do not care to change your password later. This allows attackers to gain unauthorized access and change settings on the router using a common set of user names and passwords by default.Here is how you do.
Before you begin, you need the following tool in the process
Angry IP Scanner
Here is detailed information on how to exploit the vulnerability of a router ADSL.
Step 1: Go to www.whatismyipaddress.com. Just load the page you will find the IP address.Write it down.
Step 2: Start Angry IP Scanner, you'll see an option called IP range: you must enter the IP address range to scan.
Let's say your IP is 117.192.195.101, you can set the order as something to 117.192.194.0 117 192 200 255, so there is atleast 200-300 IP addresses in the area.
Step 3: Go to Tools-> Preferences and select the Ports tab. Under Select the port insert 80 (should be looking for port 80). Now, go to the View tab, select the "Breakfast with the only open ports" and click OK.
I used Angry IP Scanner v3.0 beta-4. If you use a different version, you must go to Tools Options, instead of
Step 4: Click Start. After a few minutes, the scanner will display a list of IP addresses using port 80 open as shown below.
Step 5: Now copy any of the IP in the list, paste it into the address bar of your browser and press enter. A pop-up asking the user name and password. Since most users do not change their passwords, more work is probably with your username and password by default. For most routers default user name, password pair that is an administrator or manager-admin-password.
Simply enter your username and password, as defined above and press Enter. If you're lucky, you will need to access the settings page of the router where you can change the router. This page settings may vary from router to router. The router's configuration page sample below.
If you do not have access, select a different IP from the list and repeat step 5. Atleast 1 of 5 IPs will be a default password, and then it will definitely be able to access.
What can an attacker with access to configure the router;By accessing the settings router, it is possible for an attacker to change the router settings which leads to dysfunction of the router. Consequently, the computer user's goal will be disconnected from the Internet. At worst, the attacker can copy the connection information from the router ISP to steal the internet or play any kind of joke with the settings of the router. While the victim must reconfigure the router to bring it into action.
The verdict:If you use a router ADSL to connect to the Internet, it is strongly recommended an immediate change of your password to prevent any attack in the future. Who knows, could be the next victim of such an attack.
Since the formation varies from router to router, you should contact your ISP for details on how to change your password for your model.
Caution!All information in this post is for educational purposes only. Please do not use this information for illegal purposes.
No comments:
Post a Comment