Wednesday, 17 April 2013

Hack Remote Ethernet ADSL Router


Hack Remote Ethernet ADSL Router - Free Your ADSL Internet

IntroDuction :-

An ADSL router is also known as a DSL modem
The router is used to connect the computer to the DSL phone line for using the ADSL service. 
BSNL and MTNL rolled out many ADSL router cum modem during the peak days of rising internet customers in India.


These ADSL routers have a serious vulnerability in them, which most of you are not aware off .
In this post I will show you how to exploit this common vulnerability that lies in most ADSL routers so as to gain complete access to the router settings and ISP login details.



Hacking Remote ADSL Routers ( DSL modems ):-

Every DSL modem (router) comes with a user name and password using which it is possible to gain access to the router settings and configure the device.

The vulnerability actually lies in the Default user name and password that comes with the factory settings.

Usually the routers come preconfigured from the Internet Service providerand hence the users do not bother to change the password.

This makes it possible for the attackers to gain unauthorized access andmodify the router settings using a common set of default user names and passwords



Things Required :-

1. IP Scanner - To scan IPs
2. X-Pass
3. If you don't have Java installed , Download and Install Java , Click Here
4. Internet Explorer


Beginning with Scanning

1. Go HERE ,and note your IP address.

2. Open Angry IP scanner it will look like this:


3. Here you will see an option called IP Range, Now you will need an IP Range. Which is a range or a list of IP's you will have the IP scanner to scan.

4. So lets say your IP is 117.192.195.101 and you want to look for a vulnerable router in your area, you would set the range as 117.192.194.0 to 117.192.200.255 and that will give you a solid list of 100+ IPs in your area or generally close to your area.

5. Now Go to Tools->Preferences


6. Then under the under the ports tab under Port Selection type 80 'cos we will be interested in hosts with port 80 opened:


7. And on the display tab choose "Hosts with open ports only":


8. Then click OK to save the preferences and click start.

9. After a few minutes the scanner will show a list of  Ips with port 80 open.


10. Now just select one of the IP addresses and open it with INTERNET EXPLORER!!!



11. A webpage will open asking for a username and password, this is the login to their router

12. Now the trick is to abuse the fact that most people are too stupid to change their routers default factory setting router login details. 
So when it asks for a password and username try the most common router default logins which are: 

   UN          PwD
--------------------
admin -  admin  
admin -  password 
admin -  Leave the password blank.

13. Just enter the username-password as specified above and hit enter ,

If you are lucky you should gain access to the router settings page where you can modify any of the router settings. 
The settings page can vary from router to router. 
Here is the screenshot of one of the hacked router with default password settings.


14. If you do not succeed to gain access, select another IP from the list and repeat the step-13. At least 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.

Exploitation 

Now for most of the routers you can find username in plain text and password covered with *'s when setting up a new connection, so just look for something that says connection wizard or connection setup, and follow the steps till you find the username and password as mentioned.

So why did we use Internet Explorer for this??

Because XPass works only with IE, we couldn't figure the pass out if we used Firefox or Chrome or Opera.

And now when we have the page where username and pass. are just open XPass click on the X sign and drag it over the *'s and you will have this:



Bingo, You Found The Username and Password 
password in this case is: 854179 

Finally You Steal an Internet Connection ,Now You can copy the ISP login details and close (logout)the Router Settings Page.

Now Login with The victims username and password and get unlimited download and Browsing.


Counter Measures:-


Most of the home routers are left out in default configuration state & can be hacked easily. The password vulnerability can easily exploited which later can result in havoc for a user. A little bit of user awareness is required to keep themselves safe.

1. If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. 
Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.

2. Keep strong passwords rather than plain one's that can be easily guessed or brute forced.

3. Keep monitoring your routers logs.

4. Some new routers have option to disable remote access. It is recommended to disable any such remote access doors.

That's all. Stay safe and Be secure !

Warning!
All the information provided in this post are for educational purposes only. Please do not use this information for illegal purposes.

2 comments:

  1. Fida Hussain Bhai please a trick for PTCL 3g Evo usb, hack or signal strength please, i am waiting for your reply, thank's in Advance.

    ReplyDelete
  2. this technique not working on ptcl routers

    ReplyDelete