SecurityXploded.com
Hacking ADSL Routers - Is Your Home Internet Secure? | www.SecurityXploded.com
 
 
Hacking ADSL Routers - Is Your Home Internet Secure?
Author: Prashant Uniyal 
 
 
 
See Also
 
 
 
Contents
 
 
Introduction
An ADSL router is also known as a DSL modem. The router is used to connect the computer to the DSL phone line for using the ADSL service. BSNL and MTNL rolled out many ADSL router cum modem during the peak days of rising internet customers in India.
 
 

Today we will have a quick view on how can an attackers gain access and exploit vulnerabilities in the router. We will be using an IP scanner and a browser.

 
 
 
Beginning with Scanning
Being one of a broadband user, I used my own IP to scan for IP range. There are many IP range scanners available over the internet. I have used angry IP scanner here. We will check for the alive IP addresses in the range.
 
hack webscarab
 
Quickly, I checked my IP and entered a range in the angry IP scanner. After few scans, I found couple of them as shown in the screen above.
 
 
 
Gaining Remote Access
 
I just checked in few IP's to see whether remote access is available to the router. And believe me, most of the routers had remote access turned ON by default. A big point to be noted is that most routers had default password activated like combo of username and password like admin-admin or admin-password. That means any one with such an IP address, can easily gain access to a remote router.

Here is the screenshot of one of the hacked router with default password settings.
 
hack routers
 
 
 
Vulnerabilities and Exploitation
 
Here we will have some of the common vulnerabilities and exploitation techniques that can be used by an attacker.
  • Weak Password: An attacker can easily compromise the router as most of them have default passwords set.
  • Sniffing: The attacker could specify a static route passing through his network for the victim's router and sniff the traffic from the victim. [SSL Strip + Ettercap + Wireshark]
  • Phishing (using DNS Redirection): The access to the router as we've seen is easily available. The attacker could specify a fake DNS server for the victim router and could carry out phishing attacks. The attacker can change the ISP's DNS servers to his own controlled DNS server, thus making a redirection of DNS for phishing. This attack is believed to be one of the most stealth attack on this kind of scenario.
Here is the picture demonstrating DNS Redirection,
 
hack routers
 
 
 
Conclusion

Most of the home routers are left out in default configuration state & can be hacked easily. The password vulnerability can easily exploited which later can result in havoc for a user. A little bit of user awareness is required to keep themselves safe.

  • The default router password should be change immediately.
  • Keep strong passwords rather than plain one's that can be easily guessed or brute forced.
  • Keep monitoring your routers logs.
  • Some new routers have option to disable remote access. It is recommended to disable any such remote access doors.
That's all. Stay safe and Be secure !
 
 
 
See Also