Hacking routers with a facebook applications

Posted by Carlos Ganoza on 23 Nov, 2011

On November 5 I had the honor of participating in the LimaHack 2011 that took place at the UPC (Lima-Peru), in which I returned to see friends that I did not see a long time ago, I also had the opportunity to meet great people with a lot of knowledge to share.

LimaHack 2011: I'm the guy in red coat XDLimaHack 2011: I'm the guy in red coat XD

In this event, touch a simple topic but from which you can get a lot of profit (Routers, Default Passwords).

In the talk it was explained how simple it could be to obtain credentials from different users and attack specific equipment through the configuration of the router, it was also seen as automating the process.

The PoC was a facebook app which, when visited by the victim, if the victim had default credentials admin / 1234 (more than 70% of cases) through Curl, the configuration of said router was modified by changing the predefined DNS to be able to redirect traffic.

Presentation:

Routers, contraseñas por defecto (LimaHack2011) from Carlos Ganoza Plasencia

Video:

here the scripts
http://code.google.com/p/ror-tools/

The test was carried out with a Billion Router, but by through of conditionals and reading of headers of each router model a more effective attack could be achieved.
I await your comments, greetings.


Carlos Ganoza

Software engineer with more than 6 years of experience, I have been involved in different aspects of software development, InfoSec and open-source. I <3 Python.