Tuesday, March 28, 2017
Nmap Tutorial How To Hack ADSL Router Using NMAP Tool
An Asynchronous digital subscriber line (DSL or ADSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connectivity to the Internet, which is often called DSL or ADSL broadband. In this guide I will show you how to scan an IP range for connected ADSL or DSL modem routers and find DSL ADSL routers that are exposed remotely. This guide applies to Windows, Linux or Mac, so it doesn't matter what your operating system is; you can try the same steps from all these operating systems. The term DSL or ADSL modem is technically used to describe a modem which connects to a single computer through a USB port or is installed in a computer PCI slot. The more common DSL or ADSL router, which combines the function of a DSL or ADSL modem and a home router, is a standalone device which can be connected to multiple computers through multiple Ethernet ports or an integral wireless access point. Also called a residential gateway, a DSL or ADSL router usually manages the connection and sharing of the DSL or ADSL service in a home or small office network.
Put this together with Wireshark hacking for HTTP websites and you have a nightmare for the user behind that router, as all their passwords and details can be tracked very easily.
What's in a DSL ADSL Router?
A DSL or ADSL router consists of a box which has an RJ11 jack to connect to a standard subscriber telephone line. It has several RJ45 jacks for Ethernet cables to connect it to computers or printers, creating a local network. It usually also has a USB jack which can be used to connect to computers via a USB cable, to allow connection to computers without an Ethernet port. A wireless DSL or ADSL router also has antennas to allow it to act as a wireless access point, so computers can connect to it forming a wireless network. Power is usually supplied by a cord from a wall wart transformer. It usually has a series of LED status lights which show the status of parts of the DSL or ADSL communications link:
- Power light: indicates that the modem is turned on and has power.
- Ethernet lights: there is usually a light over each Ethernet jack. A steady (or sometimes flashing) light indicates that the Ethernet link to that computer or device is functioning.
- DSL or ADSL light: a steady light indicates that the modem has established contact with the equipment in the local telephone exchange (DSLAM), so the DSL or ADSL link over the telephone line is functioning.
- Internet light: a steady light indicates that the IP address and DHCP protocol are initialized and working, so the system is connected to the Internet.
- Wireless light: only in wireless DSL or ADSL modems, this indicates that the wireless network is initialized and working.
Almost every ADSL DSL modem router provides a management web page available via the internal network (LAN, or local area network) for device management, configuration and status reporting. You are supposed to log in to the management web page and configure a username/password combination provided by your ISP (Internet service provider), which then allows you to connect to the internet. The network is divided into two parts:
External Network
External network indicates the part where the ADSL DSL modem router connects to the upstream provider for internet connectivity. Once connected to the ISP via a phone line (ADSL DSL modem routers can use conventional copper phone lines to connect to the ISP at a much higher speed), the router gets an IP address. This is usually a publicly routable IP address which is open to the whole world.
Internal Network
Internal network indicates the part where devices in the local area network connect to the ADSL DSL modem router via either wireless or an Ethernet cable. Most modern DSL ADSL modem routers run a DHCP server internally which assigns an internal IP address to the connected device. When I say device, this can be anything from a conventional computer, a laptop, a phone (Android, Apple, Nokia or Blackberry etc.), a smart TV, a car, NAS, SAN, an orange, a banana, a cow, a dragon, Harry Potter... I mean anything that's able to connect to the internet! So you get the idea.
Each device gets its own IP address, a gateway IP and DNS entries. Depending on the DSL ADSL modem router, this can be slightly different, but the idea remains the same: the DSL ADSL router allows users to share internet connectivity. These DSL ADSL modem routers are like miniature gateway devices that can have many services running on them. Usually they all use BusyBox or similar proprietary Linux applications on them. You want to know what a DSL ADSL router can do? Here's a list of common services that can run on a DSL ADSL modem router:
- ADSL2 and/or ADSL2+ support
- Antenna/ae (wireless)
- Bridge/Half-bridge mode
- Cookie blocking
- DHCP server
- DDNS support
- DoS protection
- Switching
- Intrusion detection
- LAN port rate limiting
- Inbuilt firewall
- Inbuilt or Free micro-filter
- Java/ActiveX applet blocking
- Javascript blocking
- MAC address filtering
- Multiple public IP address binding
- NAT
- Packet filter
- Port forwarding/port range forwarding
- POP mail checking
- QoS (especially useful for VoIP applications)
- RIP-1/RIP-2
- SNTP facility
- SPI firewall
- Static routing
- So-called DMZ facility
- RFC1483 (bridged/routed)
- IPoA
- PPPoE
- PPPoA
- Embedded PPPoX login clients
- Parental controls
- Print server inbuilt
- Scheduling by time/day of week
- USB print server
- URL blocking facility
- UPnP facility
- VPN pass-through
- Embedded VPN servers
- WEP 64/128/256 bit (wireless security)
- WPA (wireless security)
- WPA-PSK (wireless security)
That's a lot of services running on a small device that is configured by nanny, granny, uncle, aunt and the next-door neighbour; in short, many non-technical people around the world. How many of those are configured badly? Left ports open left, right and center? Didn't change default admin passwords? Many! I mean MANY! In this guide we will use nmap to scan a range of IP addresses, and from the output we will determine which are DSL ADSL routers that have left their management ports open to the external network (again, read the section above to know which one is the external network). A typical ADSL router's management interface is available via one of the following URLs:
http://10.0.0.1/
http://192.168.0.1/
http://192.168.1.1/
http://192.168.1.254/
etc.
This is the management page for the DSL ADSL modem router and it's always protected by a password. By default, this password is written on a sticker underneath the DSL ADSL modem router and is one of these combinations (username/password):
admin/admin
admin/password
admin/pass
admin/secret
etc.
A lot of home users don't change this password. Well, that's OK. It doesn't hurt much, because the page is only available to a device connected to the internal network. But what's not OK is when users open up their management interface to the external network. All you need to know is the public IP address of your target, and then you just try to access this management page externally.
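From the owner's side, the exposure described above can be checked by scanning your own router's public address from outside the LAN and reading the result. The following is an added example, not code from the original post: it parses nmap grepable output (saved with the -oG option) and reports management ports that are open on non-private addresses. The port list, function names and sample output are assumptions constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: the "internal network" side of the router.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Ports that commonly carry a router's management interface.
# Assumed list for this example; extend it to match your device.
MGMT_PORTS = {22: "ssh", 23: "telnet", 80: "http", 443: "https", 8080: "http-alt"}

# Constructed sample of grepable output; 203.0.113.0/24 is a documentation range.
SAMPLE_OG = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.1.1 ()\tStatus: Up\n"
    "Host: 192.168.1.1 ()\tPorts: 53/open/tcp//domain///, 80/open/tcp//http///\n"
    "Host: 203.0.113.10 ()\tStatus: Up\n"
    "Host: 203.0.113.10 ()\tPorts: 23/open/tcp//telnet///, 80/open/tcp//http///, "
    "443/closed/tcp//https///\n"
)


def is_internal(addr):
    """True if addr is in a private (LAN-side) range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def exposed_management(og_text):
    """Map each non-private host to its open management ports as (port, service)."""
    findings = {}
    for line in og_text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m or is_internal(m.group(1)):
            continue
        for entry in m.group(2).split(","):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) < 5 or not fields[0].isdigit() or fields[1] != "open":
                continue
            port = int(fields[0])
            if port in MGMT_PORTS:
                findings.setdefault(m.group(1), []).append(
                    (port, fields[4] or MGMT_PORTS[port]))
    return findings


if __name__ == "__main__":
    for host, ports in exposed_management(SAMPLE_OG).items():
        for port, service in ports:
            print(f"{host}: {service} on port {port} is reachable from outside the LAN")
```

An empty result for the public address means none of the listed management ports answered from outside; anything reported should be closed by turning off WAN-side management on the router and changing the default password.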
Installing NMAP
I use Kali Linux, which comes with NMAP preinstalled. If you are using Windows or Mac (or any other flavour of Linux), go to the following website to download and install NMAP.
Linux Installation:
For Ubuntu, Debian or other aptitude-based systems, NMAP is usually made available via the default repository. Install NMAP using the following command:
sudo apt-get install nmap
For YUM Based systems such as Redhat, CentOS, install via
sudo yum install nmap
For PACMAN based systems such as Arch Linux, install via
sudo pacman -S nmap
Windows Installation:
For Windows computers, download the installer and run the executable. Link: http://nmap.org/dist/nmap-6.46-setup.exe
Mac Installation:
For Mac users, download the installer and install it. Link: http://nmap.org/dist/nmap-6.46.dmg
Official NMAP site
You can read more about NMAP here: http://nmap.org/