|
|||||||
| Newbie Area Welcome to the BackTrack Forums! Please check this section and post to it if you are new to BackTrack, the Forums, or both. |
 |
|
|
LinkBack | Thread Tools | Display Modes |
10-02-2008, 04:25 PM
|
||||
|
||||
Brute Force A Router??
This was a question possed to me by a co-worker of mine. We both are computer techs at a small company. Nothing major mainly just removal of viruses and spyware, and general up keep of home computers. After doing a deminstration of why you need to have a bit of a complex WPA key for your home network my co-worked asked me if someone got into the network would they be able to get the password to the router and change your settings locking you right out of it and allowing them self full control of the router unless it was reset? Im sure there is a way but I was wondering if someone would be able to point me in the right direction of how to do that. I think that would really be a great idea for a add on step to that demistration. Thank you all.
|
|
10-02-2008, 04:41 PM
|
||||
|
||||
Yes, it's trivial. Once the attacker is on the WLAN, they can easy attack any device on the WLAN/LAN, including the router. As to how, they could:
__________________
Thorn “Never try to teach a pig to sing; it wastes your time and it annoys the pig.” - Robert Heinlein
|
|
10-02-2008, 05:44 PM
|
|||
|
|||
|
Quote:
__________________
I like the bleeding edge, but I don't like blood loss.
|
|
10-02-2008, 06:39 PM
|
||||
|
||||
|
Well since its asked to me by a computer tech I would imagin that if I were to use a sniffer then he will just say well if I never log in after my original setup then no packets are there to be sniffed. Since brute force would really be the way to go if the people on the network ever log into the router. What program would I go about researching for that? I have never done a brute force attack so any advice would be helpful.
|
|
10-02-2008, 06:44 PM
|
||||
|
||||
|
Quote:
__________________
Thorn “Never try to teach a pig to sing; it wastes your time and it annoys the pig.” - Robert Heinlein
|
|
10-12-2008, 09:56 AM
|
||||
|
||||
|
Anyone know of a good tutorial on either hydra or medusa?
|
|
10-12-2008, 12:14 PM
|
||||
|
||||
|
Quote:
enjoy! Hydra :benjy-blog.blogspot.com/2008/09/hydra-gtk-video.html Medusa : benjy-blog.blogspot.com/2008/09/medusa-video.html ++
__________________
http://benjy-blog.blogspot.com
|
|
10-12-2008, 12:39 PM
|
||||
|
||||
|
Quote:
|
|
10-12-2008, 12:52 PM
|
|||
|
|||
|
also remember that statistically speaking many people use the same passwords or a mangled form of that password for many applications. So if you sniff out the admins gmail pw there is a good chance that the ap pw will be the same or very similer. You could also DOS the router untill you force someone to log in and check it out.
One thing I've been wondering about, is there any way to fool a router into thinking that a WLAN client is actually physically connected to the router? One would think that if you can fool clients into thinking that your comp is a router that it should be just as easy to fool a router into thinking that you are a wired client.
__________________
Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes." Neo: "What if I take both?" Morpheus: "Don't do that! You end up like Nick Nolte!"
|
|
10-12-2008, 01:02 PM
|
||||
|
||||
|
Okay now this is prob going to come back and haunt me after posting this but I have to ask what is DOS? The only thing that keeps coming to mind is the old school prompt based OS before Windows. Im pretty sure Im not right, but being that Im still kinda new to the cracking and pentesting thing I ask.
|
|
| Bookmarks |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 12:31 AM.
