Hacking
a remote computer is always a hot topic among hackers and crackers, a
newbie hacker or someone who wants to learn hacking always ask these
questions that how to hack into a computer by just knowing the IP
address. Although we have discussed so many methods before and I always
insist to learn some basic commands, protocols and their usage. This is
my story like I have hacked into a remote by just using IP address (I
have not downloaded any file even I have not cleared the logs). This
story was not planned it just happened and I am sure you will like it
and you will learn a lot of things if you don't know the basic commands
and protocols.
It
was Saturday night and I was working hard on social engineering toolkit
remote attack (WAN,Internet attack) that is why I was playing with my
router for port forwarding and other stuffs, remember my ISP using a
dynamic mechanism so I have created DNS server to get the static IP. It
was almost night and I have decided to get some sleep and than I have
saved my browser tabs so that next time I will use them.
Its
Sunday evening I have opened my browser and the previous tabs open
automatically and then I got pop up window it asked about the user-name
and password of my router I have looked to the address bar the IP
address was same as it was saved by me, I was shocked that my ISP has
not changed my WAN IP (remember ISP using dynamic IP), after this I have
open a website about whatismyip and I have seen that my IP is different
it means the window that ask about user name and password is the IP of
another computer.
Just got an idea why not to brute force it and get the access on the victim router, hydrahas
been discussed before, but before brute force I have decided to use
guessing technique and I than I have entered so many combination but
failed than I just used the default user name and password huurraaah I
was in.
Security
was very low, than I did a quick nmap scan to get the open ports
(remember I have turned off the firewall of victim router). According to
the nmap result ftp and telnet was open and then I realized how
vulnerable this victim is.
I
came across to my terminal and open telnet to the victim by using the
default password and I was in and now I was able to take control of this
computer but this was not include in the plan.
FTP
(file transfer protocol), I came to my terminal again and this time I
have used FTP command with the same combination of user name and
password and successful. Remember FTP access means you can download and
upload files on remote computer means full access. You can use some GUI
ftp client but I used command.
Countermeasure
- Always use a strong password
- Turn on your Firewall (both on router and computer)
0 comments:
Post a Comment