Leaving your wireless router at its default settings is a bad idea. The sad thing is, most people still do it. Once they've penetrated your network, hackers will change your router settings so they'll have an easy way back in. This allows them to change your network into a shell or proxy so they can forward their traffic anonymously through you when committing other dirty deeds.
If you keep your wireless router at the defaults, then hackers can control your firewalls, what ports are forwarded, and more.
But never mind the hackers, what about your kids?
In this Null Byte, we're going to take a hack at our own wireless routers to see just how secure they really are. We'll be using Arch Linux and THC Hydra, a brute-forcing tool. Windows users, you can follow along if you use Cygwin.
Step 1 Download & Install Hydra
First we need to go to the Hydra website, download Hyrda, and get everything configured. In this article, a "cmd" refers to a command that has to be entered into a terminal emulator.
- Download Hydra from THC's website.
- Extract Hydra in a nice location.
cmd: tar zxvf hydra-7.1-src.tar.gz
- Change to the newly made directory.
cmd: cd <new directory>
- cmd: ./configure
- cmd: make
- cmd: sudo make install
Step 2 Use Hydra on Your Router
Now we're going to attack our routers. The default IP/URL to reach it at will be 192.168.1.1, so test that address in a browser to confirm it. If you get a dialog box, you've reached your router. This is running HTTP basic authentication.
Follow along to my video tutorial below to crack your routers authentication page.
- cmd: xhydra
- Enter 192.168.1.1 as your target.
- Use http-get as the method.
- Port 80.
- Pick a word list saved on your computer.
- Click start!
Congratulations! See how easy it can be? A router won't block out requests normally, either. So someone could brute-force you for days upon days. Change your password to something greater than 12 characters and maybe review this guide. Visit in IRC!