On November 5 I had the honor of participating in the LimaHack 2011 that took place at the UPC (Lima-Peru), in which I returned to see friends that I did not see a long time ago, I also had the opportunity to meet great people with a lot of knowledge to share.
In this event, touch a simple topic but from which you can get a lot of profit (Routers, Default Passwords).
In the talk it was explained how simple it could be to obtain credentials from different users and attack specific equipment through the configuration of the router, it was also seen as automating the process.
The PoC was a facebook app which, when visited by the victim, if the victim had default credentials admin / 1234 (more than 70% of cases) through Curl, the configuration of said router was modified by changing the predefined DNS to be able to redirect traffic.
Presentation:
Routers, contraseñas por defecto (LimaHack2011) from Carlos Ganoza Plasencia
Video:
here the scripts
http://code.google.com/p/ror-tools/
The test was carried out with a Billion Router, but by through of conditionals and reading of headers of each router model a more effective attack could be achieved.
I await your comments, greetings.
Carlos Ganoza
I have more than 6 years of experience in the technology market, I have been involved in different aspects of software development, cybersecurity, and open-source. I ♥ python, the open-source, and I always enjoy learning new skills.