hexlax
Posted February 19, 2009

So, I started to look into the Jasager project and really liked what I saw there. Instead of attacking the client side, I was thinking about the AP side of the house. You know how most wireless routers have built-in web management interfaces? I'd like to work on some code that would interject our own network configuration, which could include DNS or static-route poisoning. I'm asking the forum for advice on the best implementation for this program.

I have prototyped this already on an XP box by:

1) Zero Wireless Config automatically connects to an AP (based on Preferred Networks).
2) Currently only connects to SSID of "Linksys".
3) Launches wget at the default gateway URL to change router configuration (all a POST statement).
4) Brings down the interface then brings it back up, which XP automatically reconnects to another Linksys access point, taking us back to step 1.

I could see how I would be able to launch this attack at multiple vendors, all because they all use a single POST statement to change router configuration. This of course implies that the router has the default user/pass, no encryption, and a simple network topology behind a public IP address (what I like to call out of the box security).

Although I have only implemented this on XP, I'm sure there are some Linux gurus out there who could shed some light on some APIs or something to implement this by. The only thing I am using wget for is the authentication to the web management interface and launching the config change. I could see how this could already be implemented in the BOOST libraries, making it nice for crossplatformability.

I got kinda wordy, but please, I'm interested in what ya think.

Bakb0ne
Posted February 20, 2009

~# iwconfig wlan0 essid myessidwhatever it is && wget 192.168.1.1/starthtmlorwhatever.html && ifconfig wlan0 down && ifconfig wlan0 up

Not sure what you're asking, but that should set the essid of the interface wlan0 to myessid*, wget the page you want, and restart the interface.

After sobering up slightly, you're wanting to change the configuration of the router? Theoretically you could chroot into the AP, since most firmware is Linux-based, and do that.