Wireless hack
haxxorthebest
2008-12-29, 04:12
Hiya - I got into someone's wireless router with the default password and I don't know what to do now. It's a really fast cable connection; any ideas? I would like to use it somehow. It shows a PC on the network but prompts me for a username and password that I don't know. Can any of you computer whizzes point me in the right direction, as this is exciting?
lol just their bandwidth!!
try c$'ing their pc
haxxorthebest
2008-12-29, 16:06
Not sure how to c$ into the PC since I can't get past a login prompt. How about trying to crack the password with one of them script kiddie programs (any recommendations for programs that run on winblows)? Then once I get in, run a Tor server or something like that; hell, they wouldn't even know.
try start > run then type in
\\ip address of other pc here\c$
Its IP address will most probably be very similar to yours. If you can browse to it in network connections, note its name, then resolve it to get its IP in a command prompt.
Expl0itz
2008-12-29, 17:07
Man in the Middle.
haxxorthebest
2008-12-29, 18:48
\\IP\c$ didn't work.
Man in the middle sounds interesting. Is there an easy way to redirect their PC traffic through my computer with some sort of canned script kiddie program? Cause that's what I am and I don't claim to be anything but.
Download this: http://www.wireshark.org/download.html. It lets you examine what their network traffic is. You do realise they could be pulling a stunt on you lol!!
haxxorthebest
2008-12-29, 19:20
Ya - I thought about that, but I changed the password on the router login and it's still working. Looks like they got like an 8MB down cable connection.
I will fire up Wireshark and see if I can see anything. Not sure what I am looking for, maybe a plaintext email password or some shit, although most web mail or login pages are SSL.
sirholkms
2008-12-30, 05:26
1. Point the DNS Server to a rogue DNS server that you own and resolve google.com to your IP address to make it appear as if you hacked google (by setting up an HTTP server on your IP and hosting a page that says you hacked google as the index). (It may take some time considering cache and other problems). (You can also use this attack for 100% flawless phishing.) This attack alone can lead to r00ting the box. For example you could tell them they have to download a security update to access google and this .exe that they run edits hosts.txt and associates www.google.com with google's IP Address thus restoring access to google and it also installs a reverse connect trojan. Just an idea.
2. Find the page that you can set ISP account details. Right click, view source, find their ISP username and password. You now have their ISP account. Using a nice D-Link router run the ISP Setup Wizard and choose their ISP, enter their account details. D-Link will handle setting up the settings for the ISP account. You now have internet access using their account.
3. Port forward all ports to their machine (So you can access services on their machine from the internet, it will be easier to crack them). This can be accomplished by turning DMZ on.
4. Have some fun with their filters. Block/allow web sites.
5. Set up a Dynamic DNS system so that you NEVER lose access to this system.
6. Some kind of MITM attack by modifying settings such as gateway.
7. If the router has a telnet service AND the router has a telnet command then you can use this system to break into other computers FROM. This adds another layer between yourself and your target. Then use the web interface to erase the log files of the router.
8. This is not hacking.
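Added example, not part of any post in this thread: from the router owner's side, the settings changes listed in the post above (DHCP DNS server, DMZ, Dynamic DNS, telnet, gateway, filters, erased logs) can be caught by comparing a settings snapshot with a recorded baseline. The snapshot field names and all values below are constructed for illustration.

```python
# Added example: audit a router settings snapshot against the owner's baseline.
# Field names and all sample values are constructed; real routers export
# settings in vendor-specific formats that would need their own parser.

BASELINE = {
    "dhcp_dns_servers": ["192.0.2.53"],   # resolver the owner expects clients to get
    "lan_gateway": "192.168.1.1",
    "url_filters": [],
    "known_macs": {"00:00:5e:00:53:01", "00:00:5e:00:53:02"},
}

# Features that should stay off on a home router unless the owner enabled them.
SHOULD_BE_OFF = ("admin_password_is_default", "dmz_enabled",
                 "ddns_enabled", "telnet_enabled")


def audit(snapshot, baseline=BASELINE):
    """Return a list of findings; an empty list means the snapshot matches."""
    findings = []
    for key in SHOULD_BE_OFF:
        # A missing key is treated as unknown and reported, not assumed safe.
        if snapshot.get(key, True):
            findings.append(f"{key}: enabled or unknown")
    for key in ("dhcp_dns_servers", "lan_gateway", "url_filters"):
        if snapshot.get(key) != baseline[key]:
            findings.append(f"{key}: expected {baseline[key]}, found {snapshot.get(key)}")
    strangers = {m.lower() for m in snapshot.get("dhcp_clients", [])} - baseline["known_macs"]
    for mac in sorted(strangers):
        findings.append(f"dhcp_clients: unknown device {mac}")
    if snapshot.get("log_entries", 0) == 0:
        findings.append("log_entries: router log is empty, possibly erased")
    return findings


# Constructed snapshot showing the kinds of changes listed in the post above.
TAMPERED = {
    "admin_password_is_default": False,
    "dmz_enabled": True,
    "ddns_enabled": True,
    "telnet_enabled": False,
    "dhcp_dns_servers": ["198.51.100.7"],
    "lan_gateway": "192.168.1.1",
    "url_filters": [],
    "dhcp_clients": ["00:00:5E:00:53:01", "00:00:5e:00:53:99"],
    "log_entries": 0,
}

if __name__ == "__main__":
    for line in audit(TAMPERED):
        print(line)
```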
haxxorthebest
2008-12-31, 04:25
Hey, thanks for the reply. So if I fire up 2008 server in a VM, run DNS, change the LAN network and create a scope with DHCP options pointing toward my DNS server, is that a start :-). Looking at the DHCP client table in the router, it appears the target computer is hardwired directly to the router. mmm.... maybe point the router toward my server????
come on guys step up and help me here!
sirholkms
2008-12-31, 06:09
> Hey, thanks for the reply. So if I fire up 2008 server in a VM, run DNS, change the LAN network and create a scope with DHCP options pointing toward my DNS server, is that a start :-). Looking at the DHCP client table in the router, it appears the target computer is hardwired directly to the router. mmm.... maybe point the router toward my server????
> come on guys step up and help me here!
If you had any basic networking knowledge and a good imagination then this would be a walk in the park for you.
I hope you understand that DHCP is just for lazy ass holes that don't want to configure their TCP/IP options for every computer on their network so they have it assigned with DHCP. This may be good, if you can change the DNS server options in the router's DHCP settings, then EVERY computer on their network will use YOUR DNS server to resolve domains to IP addresses.
This is really where your fun begins. Download WAMP. It stands for Windows Apache MySQL and PHP. You now need to create an index page that looks authentic and has a message like www.google.com requires a compulsory security update in order to use our service. You can download it here: LINK TO YOUR CUSTOM CODED TROJAN.exe
Now what you need to do is point www.google.com to your WAN IP, THIS IS EXTREMELY IMPORTANT. If you understand anything about networking then setting the DNS to your local IP will not work over the internet (this also means you won't be able to test your DNS attack locally but this attack is trivial.)
(Insert HTTP and DNS server port forwarding instructions here.)
You have now hijacked google.com and gained remote access to their box all by cracking their router. I can think of other attacks but I don't want to spoon feed you and also the above attack was based on some of my research so you're lucky I am helping you out. Like I said before: this attack can theoretically be used for 100% flawless phishing (not to mention you can see all the sites they request and create DNS entries for that, I also wrote a PHP script which would detect the domain name on the server and display the appropriate page based on the domain, so if they request myspace it would load a phisher and if they request google it would load the security update page. So this attack is quite powerful.)
Sorry, but I didn't really read your post. I hope this helped.
haxxorthebest
2008-12-31, 06:35
Ok... So I create a bogus A record to google.com directing to my "owned site", gotcha.... forward all other html requests, watch and sniff traffic... but what does this get me? What I would like to do is utilize their bandwidth in some way or another.
haxxorthebest
2008-12-31, 07:31
bunch of fuckin wanna be's with no answers. thanks for your help, I appreciate it my friend!
Expl0itz
2008-12-31, 18:26
> bunch of fuckin wanna be's with no answers.
LOL... are you seriously going to go that route?
EDIT: Also, the things you can do with a router depend on the manufacturer and the model of the router. Some routers are very simple and really don't have many options. Some are a lot more complex, thus having tons of options and tools.
sirholkms
2009-01-01, 00:51
> LOL... are you seriously going to go that route?
> EDIT: Also, the things you can do with a router depend on the manufacturer and the model of the router. Some routers are very simple and really don't have many options. Some are a lot more complex, thus having tons of options and tools.
This.
haxxorthebest
2009-01-01, 07:24
Just playin so... don't take this script kiddie too seriously.
OK... let's focus on the router. My main concern here is to utilize his bandwidth. Can I create some sort of LAN with compromised boxes to filter internet data along with a rogue DNS server without installing some sort of server on his machine?
sirholkms
2009-01-01, 07:31
> Just playin so... don't take this script kiddie too seriously.
> OK... let's focus on the router. My main concern here is to utilize his bandwidth. Can I create some sort of LAN with compromised boxes to filter internet data along with a rogue DNS server without installing some sort of server on his machine?
You seem to not have comprehended my meticulous instructions. Everything you want to know is already in this thread, including how to "utilize his bandwidth": refer to my information on stealing and using his ISP account; this will "utilize his bandwidth".
haxxorthebest
2009-01-01, 07:36
Alright - I will take a look. Can't help it if I am a little slow sometimes. Any other suggestions would be appreciated.
sirholkms
2009-01-01, 08:45
> Alright - I will take a look. Can't help it if I am a little slow sometimes. Any other suggestions would be appreciated.
Alt + 7.
haxxorthebest
2009-01-01, 09:05
Alt -7 all you want. Some useful information would help; as I suspected, this board is useless...
sirholkms
2009-01-01, 14:10
> Alt -7 all you want. Some useful information would help; as I suspected, this board is useless...
I will code you anything you can think of. Reverse connect trojans, port scanners, DoS toolz, etc. If you take a plane to Australia, come to my house and fap my penis.
haxxorthebest
2009-01-02, 00:51
Great, I hacked my way into the computer on the network using the admin account and a blank password (I am good). Now what do I do?
oddballz194
2009-01-02, 00:58
> Great, I hacked my way into the computer on the network using the admin account and a blank password (I am good). Now what do I do?
/facepalm
sirholkms
2009-01-02, 03:13
> Great, I hacked my way into the computer on the network using the admin account and a blank password (I am good). Now what do I do?
Tr0ll.