Posted: Sat Sep 17, 2016 1:33 pm
by IONx64
Hello dear friends,

I have an Ericsson wifi router which my ISP, where I have internet from, gave me. They did not give me the user and password to get on. I want to change my wifi name and password myself but cannot because of that.

I have created a bootable USB drive with Kali Linux 2016.2. I booted from live and tried hydra and rockyou.txt but it did not help me. I do want to change the name and password myself.

Can you help me, friends? Thanks, and sorry if I am posting in the wrong place.

Posted: Mon Sep 19, 2016 3:22 pm
by cyberdrain
You'll need to scan for vulnerabilities in the software first or find them yourself, that is the easiest way. If that doesn't work, you can try brute forcing, like you're attempting. Of course that doesn't usually work either if the first doesn't, so you're likely stuck with trying to get as much information from the device as possible.

Start decrypting configuration files if you can download those, look for similar routers for attacking the firmware or hook the router up to your PC using a JTAG cable if possible. I'll warn you though, the latter is very hard if you've never done that before and requires soldering among other things. Dump the firmware, run it on a VM with the right CPU settings and look where the data is stored and how to go from there.

Of course this won't help one bit if the password is hashed, at which point you could crack the hash, do packet capture or change and flash the firmware so you can capture the password used remotely.

Posted: Mon Sep 19, 2016 11:04 pm
by tremor77
Dump the ISP's built-in router wi-fi - most ISP provider routers are cheap ass crap... call them and tell them you want to turn it off, or just don't use it. Hardwire a good wi-fi router to it via ethernet port that you control yourself.

Also, if you have physical access to the router (which if it is indeed your router, you do) you can probably just do a firmware reset on it and use the default admin/admin or whatever that model ships with. Of course then you probably need to add in your PPPoE credentials to authenticate with the ISP or you won't get internet again.

Lastly, call your ISP - I'd be very surprised that they wouldn't just simply provide you with the login information. If there is any reason they don't, a good social engineering tactic for this with ISPs is that you are trying to set up parental controls to limit wi-fi access before and after certain times of the day.

Posted: Fri Sep 30, 2016 12:32 am
by IONx64
Thanks for your suggestions, friends. I will try what you advise me. Thanks.

Posted: Tue Oct 04, 2016 6:50 pm
by LoGiCaL__
I actually asked the cable guy when he was installing it what the user name and password is so I can configure it and whitelist IP addresses to the wi-fi. I figured it was no big deal and turned out he didn't. I would still try and call though, everyone is different.

So now while writing this I started to attempt it myself. I opened cmd prompt and did the usual ping default gateway, got a response. Then did a ping -a default gateway to see if a machine name appeared. Looked useless. After that I did http://default gateway and it brought me to the ISP website. So then I figured to check the ports. Went back to command prompt and did a netstat -ano and saw something interesting: my local PC -> router connection, shown as <default gateway:port_num>. Then went back and placed in the URL of a browser. This is where my project came to mind. It now stayed on a blank webpage and gave a 500 Internal Server Error with a message on the bottom "CGI Failed".

So I'm gonna test connections to the ports. I had actually written some port listening programs just to simply try a connect, if it's open try and get a request and maybe some more info. Not to mention iterate through all the ports. I'll let you know how that goes.

But there are tools that can help like netcat and nmap.


