Tuesday, November 24, 2009

Breaking into routers(Hydra)

Routers tend to use weak login mechanisms redering them vulnerable to certain attacks. In this blog, i'd be showing you how its possible to brute force your way into a linksys router login page.

Router IP: 192.168.1.1
# hydra -l "admin" - P wordlist.txt -vV -s 80 -f 192.168.1.1 http-get /

The '-l' options is for the user name, in our example 'admin' is used because its the default user that comes with most routers. The '-P' option requires a wordlist file. The '-vV' is very verbose and shows login+pass combination for each attempt. The '-s' is for the port number. The router's webserver interface listens on port 80. The '-f' tells hydra to exit after the first login+pass pair was found. Then we put the IP address of the router and the type of service to crack. You can do a ./hydra -h to see the other services that it can bruteforce. Im not quite sure what the '/' in the end is really for but throughout my research i found that i had to put the '/' in the end for it to work.

After executing the command, if the correct password is in the wordlist then hydra would stop and present you would the correct password for the router. As an alternative, hydra has a graphical end that can be use called xhydra. Just type 'xhydra' and the GUI for the program should be launched. Happy Bruteforcing to all.....

Resources/Good reading:
http://www.thc.org/thc-hydra/
http://blip.tv/scripts/flash/showplayer.swf?enablejs=true&feedurl=http://purehate138.blip.tv/rss&file=http://blip.tv/rss/flash/527781&showplayerpath=http://blip.tv/scripts/flash/showplayer.swf

No comments:

Post a Comment