ADSL routers also known as DSL modems is a device used to connect the computer to the DSL phone line for using Internet Services (broad band ).These ADSL routers have a serious vulnerability in them, which most of you are not aware off . In this post I will show you how to exploit this common vulnerability that lies in most ADSL routers so as to gain complete access to the router settings Hack Remote ADSL Routers ( DSL modems )
Every DSL modem (router) comes with a user name and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default user name and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default user names and passwords. Here is how you can do it.
Things Required :-
1. IP Scanner - To scan IPs
2. Any Web Browser
Procedure :-
1. First Install and open IP Scanner, Enter the Ip Range that you want to scan, Being a broadband user, I prefer to scan my own IP range, you can find your Ip address by going to whatismyip.com
2. After Entering the Range , go to options and select options, check only open ports radio button as show , finally click OK button
3. Now go to options and click "select ports " Enter Port 80 as shown and click OK
4. Now click start scan , After a few minutes the scanner will show a list of Ips with port 80 open
5. Now copy one of the IPs from the list , and paste it in your browser and hit enter , You will be prompted for the login details , just enter admin for both the login name and password , If your lucky you shall gain access to the router settings page as shown
If you do not succeed to gain access, select another IP from the list and repeat the step-5. At least 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.
Exploitation
By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection
The attacker can also specify a fake DNS server for the victim router and could carry out phishing attacks. The attacker can change the ISP's DNS servers to his own controlled DNS server, thus making a redirection of DNS for phishing. This attack is believed to be one of the most stealth attack on this kind of scenario.
Counter Measures
If you are using an ADSL router to connect to the Internet, it is highly recommended that you change your default router password
Hope you enjoyed the post , For further doubts and clarifications please pass your comments
i have a question ipscaner gives me a host but is the one i use so i have to disconect from internet' and another question if im disconect how to enter to a host if when i copy the ip says u dont have internet or something like that
REPLY@Androssi
You need not copy the host name all u need is enter the corresponding ip to the host name in the browser
can we create our own DNS servers??
REPLYoh...then you need to contact your ISP.
REPLYahhhh! i m halted at the first step only..
REPLYI mean I downloaded Angry IP Scanner, it is getting nothing on the screeen. i changed to port 80..
can u tell me which Scanner u r using??
@Anonymous
i used ip scanner from net tools >>
Really helpful. I am not a very computer literate person and you always make things easy to understand. Thanks so much
REPLYI was an early adopter of ADSL in my area so I've been using an original Asus ADSL modem for several years. It's essentially a first generation ADSL modem with a single Ethernet connection on the back. I connect this to a separate 8 port Ethernet switch. I also have a wireless access point which connects to the Ethernet switch.
REPLYHi ..I did wat u told..hehehe hope i was so lucky....Im successfully logged in to a guys Modem page..HEHE am afraid to do on...
REPLYPLs make tut About DNS for phishing ..Thankss
REPLYI want hack changed user name and password.can anyone help me?
REPLYUse the form below to comment. No spam please!!!