myhack58 | Anonymous | MYHACK58:6220055757
History: Dec 25, 2005 - 12:00 a.m.

Sick cats don't guard the home: spare ADSL modems ("cats") launch network attacks

2005-12-25 00:00:00
Anonymous
www.myhack58.com

Some time ago I had telecom broadband installed at home, using the free terminal device that came with it: a modem (a "cat") with a routing function. At first it was only set up for dial-up access, but dialing every time was a lot of trouble, so I simply configured routing on the modem myself and assigned it the internal network address 192.168.1.1. After the modem restarted, the telecom service assigned it the dynamic IP address 61.183.73.98. Seeing this dynamic IP, I figured it should be reachable from the public network, so I used that IP directly to access the modem's web service.
Then came the problem. I use a Setia device, which provides a "root" user with the initial password "grouter". Many users only know how to configure the device and do not know to change the password, which leaves no security at all. Don't believe it? Let's scan the 61.183.73.* network together and see! Take out X-Scan and scan it. From the list of machines that came back I tried them one after another. My luck seemed good today: after trying for only a moment I found several units. When I entered 61.183.73.12, the browser popped up a dialog box whose field read "Viking". My heart burst with ecstasy: that is exactly the identity of this Setia modem! Next I entered the initial user name and password.
One gentle click of the mouse, and I was actually inside! What? You think I'm lying? NO!
See? Even his internal network addresses are clearly visible. Here I will use the other party's real IP address directly. After all, it is dynamically assigned, and given the current network situation the modem gets restarted every few days, so I am not afraid of some expert going off to attack it. In addition, after finishing the test I restarted the man's modem, so its IP has changed anyway.
Now that we are in, let's look carefully at what it has. First, go to User config under the Admin tab. Unsurprisingly, there is only the one default user, "root". Let's play a prank and change its password, say to "router": find Edit above and click it, and in the interface that appears enter the original password "grouter", then the new password "router". After confirming, the change succeeds.
Now this has become our "meat cat". Script kiddies: isn't this the legendary "meat cat", at the lowest level of the physical network devices? Now I finally understand what the experts mean by "meat wall" and "hacker router".
What? You ask how to invade from here? Well, FTP is a very good way. Generally ports 21 and 23 are open on the modem, so you can simply connect with FTP.
Oh cool! This modem should be running a Linux kernel. If you want to invade the network, this is a springboard.

Tip: besides serving as a springboard to the outside, the router can also be used for DoS attacks: upload a ready-made DoS attack tool over FTP, then think of a way to get the software running. The rest depends on how familiar you are with the Linux operating system.

If you want to use this modem to attack the internal network, you can add your IP to this segment; this is the most classic kind of penetration. I will not say more about specific attack methods. From the above you should already see how unsafe it is, and the insecurity comes simply from using the default user name "root" and the default password "grouter".

Tip: the root user name cannot be changed, but you can change the password.

Since we came, we should leave some mark so that others know we exist! Let's look inside DHCP.
You can see the administrator has configured a DHCP service that hands out the addresses 192.168.10.1 to 192.168.10.50; each machine on the local area network uses one of them. Let's modify it to run from 192.168.1.254 to 192.168.1.254, so that after the restart a lot of people will not be able to get on the network. The network administrator should notice; the rest of the work is left to that fellow. Sorry in advance!
After modifying and refreshing, you can see the IP range has changed. Next we restart it: find Commit & Reboot under Admin and click Reboot. After the restart, however, the "meat cat" is hard to find again; who knows what IP address the telecom service will assign it?
That completes the entire intrusion. Next time a friend's modem somehow loses its network connection, remember to check the settings!
If I ended the article here with the phrase "Game Over", it would purely be teaching you how to attack others, and I expect I would immediately be flattened by N angry people (script kiddies: that is quite a threat to me!). That is not my intention, so below we look at how to apply some security configuration to this modem!
First, configure the modem to resist the DoS attacks that so often give individual users a headache. Open the Firewall option under Service, enable Blacklist and select Enable DOS in it, then limit the number of simultaneous half-open TCP connections and ICMP data packets, so the modem can better defend against DoS attacks.
Next, deal with denying access by IP. Open IP Filter, where you can add the IPs to be denied access; for example, if you want to deny access from the IP address 202.114.64.2, you can set that here.
Finally, clean out the unused protocols, which is set up under Blocked Protocols.
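The following Python code is an added example, not part of the original article and not vendor code. It audits a settings snapshot for the weaknesses the article relies on: the factory "root"/"grouter" login, management ports reachable from the WAN, disabled DoS protection, and a DHCP pool that has been moved or shrunk. The dictionary layout, the `expected_clients` field, port 80 for the web UI and both sample snapshots are assumptions constructed for illustration.

```python
import ipaddress

# Factory login the article names for this modem series.
DEFAULT_LOGIN = ("root", "grouter")
# Management services: the article reports 21 and 23 open; 80 is assumed for the web UI.
MGMT_PORTS = {21: "FTP", 23: "Telnet", 80: "web UI"}


def audit_modem(cfg):
    """Return findings for one settings snapshot (dict layout is hypothetical)."""
    findings = []
    if cfg["users"].get(DEFAULT_LOGIN[0]) == DEFAULT_LOGIN[1]:
        findings.append("root still has the factory password")
    for port in sorted(set(cfg["wan_open_ports"]) & set(MGMT_PORTS)):
        findings.append(f"{MGMT_PORTS[port]} (port {port}) is reachable from the WAN")
    if not cfg["firewall"].get("dos_protection"):
        findings.append("DoS protection is disabled")
    lan = ipaddress.ip_interface(cfg["lan_interface"]).network
    start = ipaddress.ip_address(cfg["dhcp"]["start"])
    end = ipaddress.ip_address(cfg["dhcp"]["end"])
    if start not in lan or end not in lan:
        findings.append(f"DHCP pool {start}-{end} is outside LAN {lan}")
    elif int(end) - int(start) + 1 < cfg["expected_clients"]:
        findings.append(f"DHCP pool {start}-{end} is too small for the LAN")
    return findings


# Constructed snapshots: one as shipped and tampered with, one after hardening.
WEAK = {
    "users": {"root": "grouter"},
    "wan_open_ports": [21, 23, 80],
    "firewall": {"dos_protection": False},
    "lan_interface": "192.168.1.1/24",
    "dhcp": {"start": "192.168.1.254", "end": "192.168.1.254"},
    "expected_clients": 10,
}
HARDENED = {
    "users": {"root": "a-long-unique-passphrase"},
    "wan_open_ports": [],
    "firewall": {"dos_protection": True},
    "lan_interface": "192.168.1.1/24",
    "dhcp": {"start": "192.168.1.100", "end": "192.168.1.150"},
    "expected_clients": 10,
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_modem(cfg) or "no findings")
```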
Script kiddies: if someone has changed your modem's password, you can press the Reset button on the modem; it will restore the initial settings, and the password will revert to the original "grouter". After the reset, though, you need to reconfigure NAT before you can access the Internet. The method described in this article only applies to this Setia series of modems; for other manufacturers' modems, as long as you know the initial account and password, you can use this method to try to invade in the same way.

The purpose of this article is not to teach you how to attack, but rather to alert the majority of ADSL users to the safety of their modems