Almost half of the Internet users across the globe use ADSL routers/modems to connect to the Internet however, most of them are unaware of the fact that it has a serious vulnerability which can easily be exploited even by a noob hacker just like you. In this post I will show you how to exploit a common vulnerability that lies in most ADSL routers so as to gain complete access to the router settings and ISP login details.
Every router comes with a username and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in theDefault username and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default usernames and passwords. Here is how you can do it.
Before you proceed, you need the following tool in the process
Here is a detailed information on how to exploit the vulnerability of an ADSL router.
Step-1: Go to www.whatismyipaddress.com. Once the page is loaded you will find your IP address. Note it down.
Step-2: Open Angry IP Scanner, here you will see an option called IP Range: where you need to enter the range of IP address to scan for.
Suppose your IP is 117.192.195.101, you can set the range something as117.192.194.0 to 117.192.200.255 so that there exists atleast 200-300 IP addresses in the range.
Step-3: Go to Tools->Preferences and select the Ports tab. Under Port selectionenter 80 (we need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open ports only” and click on OK.
I have used Angry IP Scanner v3.0 beta-4. If you are using a different version, you need to Go to Options instead of Tools
Step-4: Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image.
tep-5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username-password pair will be admin-admin or admin-password.
Just enter the username-password as specified above and hit enter. If you are lucky you should gain access to the router settings page where you can modify any of the router settings. The settings page can vary from router to router. A sample router settings page is shown below.
If you do not succeed to gain access, select another IP from the list and repeat the step-5. Atleast 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.
What can an Attacker do by Gaining Access to the Router Settings?
By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or play any kind of prank with the router settings. So the victim has to reconfigure the router in order to bring it back to action.
The Verdict:
If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. Who knows, you may be the next victim of such an attack.
Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.
6 comments:
not working
can you define the error you're facing?
What if I already had the persons ip that I want to ummmmmm annoy?
great dude i just hacked one... What will happen if i changed the password? Will they know about it?
Hi, My name natasha and i just want to share my experience with everyone. I have being hearing about this blank ATM card for a while and i never really paid any interest to it because of my doubts. Until one day i discovered a hacking guy called Edwin. he is really good at what he is doing. Back to the point, I inquired about The Blank ATM Card. If it works or even Exist. They told me Yes and that its a card programmed for random money withdraws without being noticed and can also be used for free online purchases of any kind. This was shocking and i still had my doubts. Then i gave it a try and asked for the card and agreed to their terms and conditions. Hoping and praying it was not a scam. One week later i received my card and tried with the closest ATM machine close to me, It worked like magic. I was able to withdraw up to $3000. This was unbelievable and the happiest day of my life. So far i have being able to withdraw up to $28000 without any stress of being caught. I don’t know why i am posting this here, i just felt this might help those of us in need of financial stability. blank Atm has really change my life. If you want to contact them, Here is the email address benson.blankatmcard@gmail.com . And I believe they will also Change your Life.
we should always use the routers which are more secure to avoid it. otherwise be ready to face loss of your internet data by neighbor. to know more about it. u check over here
Post a Comment