Localhost I post too much
Reputation: 0
Joined: 28 Apr 2007 Posts: 3402
Posted: Wed Apr 23, 2008 9:05 pm Post subject: Port scanning...
Okay, I port scanned this server, and I tried all the ip:port combinations... The last one I tried shocked me. It was sort of like a .htaccess login thing... But the weird thing is, I think it was the server's router!
It said WRT54GL (Linksys Router) at http://<ip>:<port>
I gasped in amazement when I saw this.
Can you say exploit?
Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Thu Apr 24, 2008 2:27 am
It's nothing super special.
Port 80 is open on a hell of a lot of routers nowadays, especially home cable/DSL ones. So you can access the web config pages from the WAN side.
Even more worrying is that a lot of times, the default passwords are used, so it's obvious what you can do from that stage...
Also, on more crappy routers, you will get a port open in the 3xxx range.
This was originally designed to give the router manufacturer a way into your router at any given time, provided they knew your IP, so they could troubleshoot for you. It would use a built-in account called tech.
There is no other way to close this port other than to create a port forwarding rule, and make it throw all traffic to a fake LAN IP, therefore dropping the packets. Interesting....
Localhost I post too much
Reputation: 0
Joined: 28 Apr 2007 Posts: 3402
Posted: Thu Apr 24, 2008 4:27 am
It's actually port 8080. I thought it was kind of rare/stupid for that to happen. I can't wait until I find out his password
Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Thu Apr 24, 2008 4:45 am
Yeah 8080, common proxy port...
Localhost I post too much
Reputation: 0
Joined: 28 Apr 2007 Posts: 3402
Posted: Thu Apr 24, 2008 4:53 am
But it's not Apache that's running on that port... It's his router! Like, you know how you go in and type 192.168.1.1 and you go to your router? Well, I can type <ip>:<port> and I get to his router... Sorry if you already understood that.
Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Thu Apr 24, 2008 5:06 am
Yeah, I know what you mean... it's not difficult, or new... and I doubt you can do much in the way of getting further into his network. Maybe fk up his settings but that'll be it.
I'm a network engineer by trade, so yeah, I'm well aware..
Localhost I post too much
Reputation: 0
Joined: 28 Apr 2007 Posts: 3402
Posted: Thu Apr 24, 2008 5:08 am
Hmm, what if I find out his computer's IP (like 192.168.x.x) and open that to the internet?
Psy Grandmaster Cheater Supreme
Reputation: 1
Joined: 27 Mar 2008 Posts: 1366
Posted: Thu Apr 24, 2008 6:32 am
Stick it in a DMZ...
That would allow it to be accessed from the web, but then of course the appropriate ports must be open on the PC itself... if there is a firewall on there then there is still another line of defence.
I'm not gonna discuss this anymore, it's hacking... but yeah, from that point an attacker is in a pretty good position.
Cheetah I post too much
Reputation: 0
Joined: 11 Nov 2007 Posts: 2758
Posted: Thu Apr 24, 2008 12:58 pm
Nice find