Is it possible to use Wifi to hack a router?

Hi, I ran into something strange in my system. The situation is like this: I have a wireless router (DLink). I didn't set any security password for the Wifi because I was worried about the speed. But I disabled DHCP, so every machine has to set its IP and gateway to match the router. In my family, I have about 4 computers, so that's not a big deal to me. Yesterday I suddenly found my router's Wifi was locked! It's so strange. Even if somebody guessed my network IP range (192.168.0.x), how did he know the user name and password of the router's management page? Although that page is not an https page, if he wanted to hijack the packets between my client and the router, he first had to begin an ARP attack and mask himself as a router (maybe he just acted as a packet dispatcher to the router). I can't even imagine that happening because this is a tough job. First he had to guess the IP range, then he had to write an ARP attack program and a mask program. Even though I am a senior software engineer, it would take me a couple of days, and sometimes we might stop before the first step, guessing the IP range. Or is someone using the Wifi security back door? I only know something about that from the news, but I don't know exactly about it. I'm using Linux OS; it seems that the hole hides in the network? In fact, I now care about the technology more than the hack event itself. Can someone explain it to me? I graduated from a famous Chinese university's EE major, so don't hesitate to explain it in a technical way. Thanks in advance.

PP

Why don't you ask in alt.internet.wireless?

They will tell you that anyone with any expertise and savvy can hack the wireless, if they wanted to come after your wireless network or the router.

Mr. Arnold

not very smart...AT ALL

come on,

no, in your config and in wireless 802.11 technology in general. In fact, now I care technology more than the hack event

install kismet on your linux box and see what they see... other hints: airsnort, aircrack, airopeek, netstumbler

M
mak

Thanks. From my understanding, I guess it happened like this.

First, the guy has to connect to my router using the same IP range (he guessed it?). Then, because my router didn't have MAC binding set, he may listen to the SSID broadcast and find an active IP (like my laptop). When he has found the IP, he may start an ARP attack and cheat the router. When my laptop sends an HTTP request to the router to log in to my router's admin page, the hacker can easily hijack the router's response. What I have to do, I think, is to set up the IP-MAC binding in the router. In fact, now I'm so interested in writing such an application to play around with.

PP

It doesn't take much, as everyone in the world knows the IPs starting with the Device IP of the major brands of the routers. Your disabling DHCP meant nothing.

Even if you had it set, a hacker with any expertise and savvy can come around it.

I doubt the hacker did any listening on anything. Most likely, the hacker just found a static IP on the router in the range of the Device IP and walked the IP(s) until the hacker got an open one.

Cheat the router how? The hacker was already on the wireless side on the network and had access to the router.

Well, if you left the user-id and psw for the router in their out-of-the-box default settings, then everyone already knows them, and since the hacker was already on the network and knows the default user-id and psw, that you possibly left in their default settings (you never changed them), the hacker simply logged on to the router.

I could be wrong on all of it.

But where you really need to make the post is to alt.internet.wireless to the people that do wireless for a living and know the security aspects of wireless and the devices. They also know how to hack past all the security features and can give some tips on how to protect on the wireless.

Mr. Arnold

Let's examine the simple facts:

- Installed a wireless router
- Installed default password
- Installed it at a common IP
- You ignored all the normal security warnings

Take this as a lesson learned and start following standard security practices.

- Install WPA-PSK
- Change the default/standard network to something like 192.168.203.254/24
- Set up logging to a PC so that you can monitor traffic
- Block outbound ports 135-139 & 445
- Change the router admin password (something with 10 characters)

Change the WPA and Router password monthly.

Leythos
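
Added example, not part of any post in this thread: a defender-side check for the IP-MAC binding and monitoring ideas discussed above, for a Linux client. It parses `ip neigh show` output and flags unknown devices, a changed binding for a known IP, and one MAC answering for several IPs (a common sign of ARP spoofing); the allowlist, addresses and sample output are constructed.

```python
import re
from collections import defaultdict

# Constructed allowlist: the static IP-to-MAC bindings the household expects.
KNOWN = {
    "192.168.0.1": "02:00:00:00:00:01",   # router (gateway)
    "192.168.0.10": "02:00:00:00:00:10",  # laptop
    "192.168.0.11": "02:00:00:00:00:11",  # desktop
}

# Constructed sample of `ip neigh show` output (not captured from a real network).
SAMPLE = """\
192.168.0.1 dev wlan0 lladdr 02:00:00:00:00:66 REACHABLE
192.168.0.10 dev wlan0 lladdr 02:00:00:00:00:10 STALE
192.168.0.11 dev wlan0 lladdr 02:00:00:00:00:11 REACHABLE
192.168.0.57 dev wlan0 lladdr 02:00:00:00:00:66 REACHABLE
192.168.0.99 dev wlan0  FAILED
"""

LINE = re.compile(r"^(\S+) dev (\S+)(?: lladdr ([0-9a-fA-F:]{17}))?")

def parse_neigh(text):
    """Yield (ip, mac) for entries that resolved to a link-layer address."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m and m.group(3):          # FAILED/INCOMPLETE entries have no lladdr
            yield m.group(1), m.group(3).lower()

def audit(text, known):
    """Return findings as (kind, ip_or_ips, mac) tuples."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in parse_neigh(text):
        by_mac[mac].append(ip)
        if ip not in known:
            findings.append(("unknown-device", ip, mac))
        elif known[ip].lower() != mac:
            findings.append(("binding-changed", ip, mac))
    # One MAC answering for several IPs, especially the gateway's, is suspicious.
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("mac-claims-multiple-ips", ",".join(sorted(ips)), mac))
    return findings

if __name__ == "__main__":
    for kind, ip, mac in audit(SAMPLE, KNOWN):
        print(f"{kind:24} {ip:28} {mac}")
```

On a live machine, pass the output of `ip neigh show` instead of `SAMPLE`. MAC addresses can be cloned, so a clean result does not prove that nobody else is on the network.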
