Saturday, 18 June 2011

Accesing Routers

Routers are devices which is used to route data on a network, it decides where certain traffic should be sent to. Routers acts as a gateway to the Internet and is use by most people these days to access the Internet instead of Modems. A client PC could either be connected to the Router through a LAN cable of with a Wireless card. Routers are mostly configured though a web based system or with a command prompt window (cmd).

Most home users with ADSL use Routers as their gateway to the Internet.

Some Routers are configured so that it can only be administered though the Web based system when your are connected to the Routers local network - the internal LAN.Connecting to the Router you will use your web browser. A typical router IP address would be 192.168.0.1. So this would be the address to use to connect to the Router though a browser: http://192.168.0.1/

If you are using a Router as your Internet gateway try connecting to it. Remember the routers IP address could differ from the example above. If you don't know your Routers IP address goto command prompt and type in: ipconfig

Your local area connection gateway address will be your Routers IP address. Remember the Router is your gateway to the Internet.

When you are connected to your Router though the web based system it will ask you a username and password. If you know the login details use it to log into the Router. If you do not know the login details you can try the default login details as set by the Router manufacturer. Have a look at this list with default login details.

In your Routers configuration you can set settings which the Router uses the connect to the Internet, security settings, local LAN configurations, DHCP settings, port forwarding, statistics and information about the Router status and many more.

Accesing a Router though a command prompt windows can be achived by going to command prompt (cmd) and typing in:

telnet 192.168.0.1 23

23 is the port which the Router will be access with.

You can access someone else's Router over the Internet, login and change settings or even steal their ISP ( internet service provider ) details. When you Telnet to a Router and it brings up the login screen it sometimes will show you what make and model the Router is. Then check the default password list and see if you can login with those default login details and obtain access to the Router. If the person who's Router it is has not changed the Router's default login details you should be able to access the Router easily. Most home users do not change the default passwords. When you access someone else's Router over the Internet, you can change settings, forward ports, reset the Router or even steal their ISP ( internet service provider ) details.

Now if you are able to get into a Router, ADSL router in this case, you will be able to get the hosts ADSL username and password. The password would be masked and hidden behind **** 's but if you right click on the page and look at the source the password most of the time is displayed in clear text. Otherwise use a program like RevelationV2 to unmask the password.

Telnetting to a Marconi ADSL Router with the CX82310 chip from Conexant on port 23 will give the following output:

01/01/99 CONEXANT SYSTEMS, INC.=20 00:04:10 ATU-R ACCESS RUNNER ADSL TERMINAL (Annex A) 3.21 = =20 =20

LOGIN PASSWORD>

And logging into the Router will bring up the main menu:

01/04/99 CONEXANT SYSTEMS, INC. 02:00:45
ATU-R ACCESS RUNNER ADSL TERMINAL (Annex A) 3.29

MAIN MENU

1. SYSTEM STATUS AND CONFIGURATION
2. ADSL MENU

4. REMOTE LOGON

Q. LOGOUT

ENTER CHOICE-->

This specific Marconi Router has a vulnerability which if you Telnet to the Router on port 254 ( as shown above ) and the enter key is pressed ( blank login password ) you will gain access to the Router. In this menu you will be able to remotely reset to factory settings, allowing a permanent denial of service attack until reconfigured manually.

Another vulnerability of this Marconi Router is that when you connect to the Router with the web based GUI ( graphical user inteface ) you will be able to see the ISP password when viewing the webpage source. http://192.168.10.200/Bconfig /System.sht

0 comments:

Post a comment