HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 30 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Hack router Password
EH-Net
May 22, 2013, 11:10:06 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1] 2   Go Down
« previous next »
  Print  
Author Topic: Hack router Password  (Read 175247 times)
0 Members and 3 Guests are viewing this topic.
creepinshadow
Newbie
*
Offline Offline

Posts: 5


View Profile
« on: December 08, 2007, 05:44:56 PM »
Hi,
how can i hack a routers password
it's a web form
i get the routers login page when i enter 192.168.1.1
i tried Brutus, but somehow brutus always says timeout.. maybe some1 can help me wid that..

i also included the source code of that page,
i think it uses md5 ecncryption,

i'm not very professional hacker but do my best to keep up.

Please tel me what to do

thx
Logged
LSOChris
Guest
« Reply #1 on: December 08, 2007, 09:18:07 PM »
try hydra
Logged
creepinshadow
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #2 on: December 08, 2007, 09:23:54 PM »
well i have no idea how hydra for win works, since there's no gui.
could u give me some sort of tutorial please?
Logged
LSOChris
Guest
« Reply #3 on: December 08, 2007, 11:36:39 PM »
hydra:
hydra -l admin -p mypass 192.168.0.1 http-get htp://192.168.0.1
hydra -l admin -p mypass 192.168.0.1 http-head htp://192.168.0.1

medusa
cg@segfault:~/evil/bruteforce/ $ medusa -h 192.168.0.1 -u admin -p mypass -M http

Medusa v1.3 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.0.1 (1/1) User: admin (1/1) Password: mypass (1/1)
ACCOUNT FOUND: [http] Host: 192.168.0.1 User: admin Password: mypass [SUCCESS]
Logged
creepinshadow
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #4 on: December 09, 2007, 10:42:39 AM »
thanks allot man Wink,

how can i replace
"mypass" against a brute force attack?
cause its a web form, and shouldnt it be http-post?
« Last Edit: December 09, 2007, 11:01:25 AM by creepinshadow » Logged
LSOChris
Guest
« Reply #5 on: December 09, 2007, 01:25:41 PM »
you're not even reading the man page are you?

Code:
service   the service to crack.
Supported protocols: telnet ftp pop3[-ntlm]   
imap[-ntlm] smb smbnt
http[s]-{head|get}
http-{get|post}-form
http-proxy cisco  cisco-enable vnc ldap2 ldap3 mssql mysql
oracle-listener postgres nntp socks5   rexec rlogin pcnfs snmp
rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere 
teamspeak sip vmauthd

-->http-{get|post}-form

-P password.lst
« Last Edit: December 09, 2007, 01:29:09 PM by ChrisG » Logged
creepinshadow
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #6 on: December 09, 2007, 01:56:52 PM »
so is it:

hydra http-form-post 192.168.1.1:user=^user_name^&pass=^passwd1^&mid=failed

or?

hydra -l admin -p -P http-form-post 192.168.1.1:user=^user_name^&pass=^passwd1^&mid=failed


i dont know how to brute force, do i first have to create a brute force word list? and how?
Logged
Hack_80
Jr. Member
**
Offline Offline

Posts: 86


Black buck


View Profile
« Reply #7 on: March 06, 2008, 04:27:17 AM »
I tried the same command
hydra -l admin -p mypass xx.xx.xxx.xxx http-get htp://xx.xx.xx.xxx

I am finding the error that
child with pid 2948 terminating,cannot connect

can anyone help what the error indicates
Logged
Koiso
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #8 on: March 18, 2008, 05:47:14 PM »
Hello,
I have a problem with Medusa, it don't discover my password

root@xxx-desktop:/home/who# medusa -h 192.168.2.1 -u admin -p 1234 -M http
Medusa v1.4 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

ACCOUNT CHECK: [http] Host: 192.168.2.1 (1/1) User: admin (1/1) Password: 1234 (1/1)

and it stop....
Logged
LSOChris
Guest
« Reply #9 on: March 18, 2008, 06:21:51 PM »
does your web server use basic authentication?
Logged
Koiso
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #10 on: March 19, 2008, 08:31:49 AM »
It use wap.

Thanks
Logged
LSOChris
Guest
« Reply #11 on: March 19, 2008, 06:05:04 PM »
hmmm windows authentication protocol???
Logged
Koiso
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #12 on: March 20, 2008, 04:51:03 AM »
I'm working under ubuntu.
Logged
LSOChris
Guest
« Reply #13 on: March 20, 2008, 06:37:47 AM »
hmm i'll rephrase.  what type of webserver are you running and on what OS?
Logged
znorc
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #14 on: March 29, 2008, 06:38:16 AM »
Quote from: ChrisG on March 20, 2008, 06:37:47 AM
hmm i'll rephrase.  what type of webserver are you running and on what OS?

I use windows XP, and i am trying to "hack" my router here at home (Zyxel NBG-415N)

I am using the same commands, but ip is 168.192.2.1

and as password to the router, i get "mypass" by using your command, and when i try to login on the router with that, it is incorrect.

heeelp
Logged
Pages: [1] 2   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.073 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.