
If I remotely rebooted a router using MDK3, can I control that router?!


Hesham_3del


Only if for some reason it also loses its settings in NVRAM and reverts back to, say, factory mode, with default passwords and remote management enabled by default (most routers these days don't enable remote management by default out of the box).

Depends on the router manufacturer and firmware though. Some routers have hard-coded back doors, user names and passwords from the web side, and some people even enable remote management on alternate ports trying to make it look like another service, so there are a number of things to look for when testing a device.

Goes without saying though, not your device, you're on your own if you get in trouble, nor do we condone attacking other people's equipment, but from an educational standpoint, it's always nice to know what devices have flaws and need updating or how to work around them, test for them, and what other ways you can circumvent or get into things, which is why you should test against your own equipment in learning vs say, the neighbor's wifi.

Hotspots often can be DNS tunneled through to get around landing pages, since DNS is almost always open, but requires setting up an external server to send http traffic over port 53.

Edited by digip
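
Added example, not part of the original thread: from the hotspot operator's side, the DNS tunneling mentioned above shows up in resolver logs as one client sending many long, unique, random-looking names under a single zone. The log format, thresholds and function names below are assumptions, and the sample lines are constructed.

```python
import hashlib
import math
from collections import defaultdict

def constructed_sample():
    """Constructed resolver log (not captured traffic): 'client qtype qname'."""
    lines = ["10.0.0.5 A www.example.com", "10.0.0.5 A mail.example.com"]
    lines += [f"10.0.0.7 A img{i}.cdn.example.org" for i in range(8)]
    # Tunnel-like pattern: long, unique, random-looking labels under one zone.
    lines += [f"10.0.0.23 TXT {hashlib.sha256(str(i).encode()).hexdigest()[:48]}"
              ".t.example.net" for i in range(8)]
    return "\n".join(lines)

def entropy(s):
    """Shannon entropy in bits per character."""
    if not s:
        return 0.0
    return -sum((n / len(s)) * math.log2(n / len(s))
                for n in (s.count(c) for c in set(s)))

def base_domain(qname):
    # Naive last-two-labels split (assumption); use the Public Suffix List in production.
    return ".".join(qname.rstrip(".").split(".")[-2:])

def find_tunnel_suspects(log_text, min_unique=5, min_avg_len=30, min_entropy=3.0):
    """Return sorted (client, zone, unique_subdomains) tuples that look like tunneling."""
    subs_seen = defaultdict(set)
    for line in log_text.strip().splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, _qtype, qname = parts
        qname = qname.lower().rstrip(".")
        base = base_domain(qname)
        sub = qname[:-len(base)].rstrip(".")
        if sub:
            subs_seen[(client, base)].add(sub)
    suspects = []
    for (client, base), subs in subs_seen.items():
        avg_len = sum(map(len, subs)) / len(subs)
        avg_ent = sum(entropy(s.replace(".", "")) for s in subs) / len(subs)
        # All three signals must agree: volume, length and randomness.
        if len(subs) >= min_unique and avg_len >= min_avg_len and avg_ent >= min_entropy:
            suspects.append((client, base, len(subs)))
    return sorted(suspects)

if __name__ == "__main__":
    for client, zone, n in find_tunnel_suspects(constructed_sample()):
        print(f"{client} -> {zone}: {n} unique long high-entropy subdomains")
```

The CDN-style client in the sample has just as many unique names but short labels, which is why length and entropy are checked together with volume.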

Thank you dear digip.

I'm just a learner and I like to learn, I don't attack, I learn to attack to save myself.

Could you help me here, if you don't mind?

I wanted to bypass a wifi landing page, but without dealing with users connected to that hotspot, because I mainly find hotspots that no users are connected to. Is that possible?


Depends on the hotspots, but it's still pretty much breaking the law if they require payment to use their systems. Google would probably tell you more about the hotspot than I could though. You just have to know the software they use, like if it's a firewall like SonicWall (good luck bypassing that) or if it's some rinky-dink software portal with something as simple as using IP addresses vs domain names, or using your own DNS like OpenDNS and bypassing their DHCP server's settings. Seen some weird things like that at hotels that charge for usage or include it in your room fee; most have some sort of portal tied to the rooms, and use generic info to log in, which was often sent in the clear by putting Linux into monitor mode. Not saying it will be that easy in your case, but for sake of tinkering and learning, no harm, no foul, just don't mess with someone's network and if you get caught, well, that's on you, doesn't bother me if you bypass it, that's your responsibility from your actions.

If you understand networking though, and can peruse and read documentation, check out BackTrack and Kali, or just simple tools like nmap to see if they have HTTP or a proxy running on an alternate port that can just be used in your browser settings to get online. Sometimes things are simpler than they seem, just depends on the person who set up the captive portal, and if it has any known weaknesses, which Google can usually help with.
