Password cracker..... plz don't flame me...

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
Ok... I want to know how long it will take to crack my wi-fi's AP using a password cracker.

This is assuming that the person was able to get past spoofing a MAC address and my WEP encryption.....

The Question:
So in a browser you type the router's IP...lets say 192.168.0.1 and get the windows username and password prompt..... does anyone know of a program that will brute force its way in?


I'm asking because I let my nephew have access to my wi-fi, but I need to know how easy it could be for him to "hack" into the admin part of the router.


Thanks,
Souka
 

Cheetah8799

Diamond Member
Apr 12, 2001
4,508
0
76
If you are worried about your nephew hacking the router, why do you give him access?


I'm not sure how good the security is of most routers, and I don't know of any specific apps to crack them, but I'm gonna bet that it's not that hard to find a script to modify to do the job.


Since your question got me thinking, I did some quick google searches and came up with this site: http://www.websec.org/tools.html

They have a formbrute.pl script there that could be used to do the job. It's not documented very well, but it's small and a decent perl programmer should be able to get it to work.
 

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
a perl programmer? heh... I can barely program the VCR

:)

Anyone got a simple app that I can type in the router IP's and it'll do the rest?



Far as security concerns, it's just a curosity....
 

OmegaXero

Senior member
Apr 11, 2001
248
0
0
In this case I don't think it has to do with cracking the admin password for the router. We're talking about breaking your WEP encryption. From what I hear this is very easy to do and it can be done without ever touching the router. Your nephew could start a packet capture with a number of neat tools out there designed for wireless sniffing. From there he could use a program that would start guessing WEP keys. There was a post in networking a few days ago that said some new method was discovered that made WEP extremely easy to crack. If you've got WPA now would be a good time to turn it on. =) If not...time for a firmware update.

If you're worried about him just hacking into the admin page of your router, well then there's not much you can do! Once you've given someone else your local WEP key and they're inside your network they can access the router just as easily as you can. If it was me I would try telnet/ssh into the router first, if that didn't work I'd try physically reseting it, stuff like that. After all he does have your WEP key so if he was to reset the router he'd have most of the info he'd need to restore things enough that you might not notice it had been tampered with (until you tried to login of course).
 

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
Actually, the specifc deal is I don't want him accessing the router because he will disable certain features I have enabled.... the AP itself is a spare router that I have put on it's own comcast IP....it's no relation to my home network.

So...back to my orignal question... does anyone have an app that will brute force break the AP user/password prompt?

 

ColKurtz

Senior member
Dec 20, 2002
429
0
0
If your nephew is so mischevous, why would you give him access anyway? Are you implementing some kind of anti-porn blocklist in your router, or something? If so, your nephew -- if he's as wiley as you make him out to be -- will get to such sites in ways much easier than hacking your router. And since this appears to be a home network, what real damage can be done by him having access to the router?

Perhaps this is all a cover story for you trying to steal bandwidth from your neighbor's AP. If so, forget I said anything... ;)
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
I know of a few that could probably work, but they're unnecessary. Use a strong password. If he does crack it, reward him if he comes clean. Make it a challenge, it'll be good for the kid. It'll help foster analytical thinking and he might learn something. :beer:
 

yoda291

Diamond Member
Aug 11, 2001
5,079
0
0
so long as your password is sufficiently complex, it should be fairly impossible to brute force it. tho that doesn't rule out other means. If I were the nephew, I'd attack from your PC instead of hitting the router directly and try and snatch the password once you typed it in. Or I could poison the arp tables on the network and run an ssl proxy to try and sniff it out.
 

overclock

Senior member
Apr 28, 2001
720
0
0
If he has physical access to the router all he has to do is reset the thing and your world is over.
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
the perl script is the best bet I have seen. Some sort of program that will form the password and then use http requests to submit it to the correct login cgi script on the router. There is no Staples "easy" button for this.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
A strong password would offer much more protection to the router itself than either MAC filtering or WEP.
 

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
You guys are funny..... some of ya missed the point....but I appreciate your efforts.

I changed the password so that I know he's cracked it. :)

"You-Get-$20-Andy"

 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
'm asking because I let my nephew have access to my wi-fi, but I need to know how easy it could be for him to "hack" into the admin part of the router.

I think maybe you are the one who missed the point ;) If someone has physical access to the router, they can reset the firmware back to the defaults.
 

yoda291

Diamond Member
Aug 11, 2001
5,079
0
0
Originally posted by: STaSh
'm asking because I let my nephew have access to my wi-fi, but I need to know how easy it could be for him to "hack" into the admin part of the router.

I think maybe you are the one who missed the point ;) If someone has physical access to the router, they can reset the firmware back to the defaults.

maybe he has a static route to his super-secret porn server?
 

InlineFive

Diamond Member
Sep 20, 2003
9,599
2
0
Originally posted by: Souka
You guys are funny..... some of ya missed the point....but I appreciate your efforts.

I changed the password so that I know he's cracked it. :)

"You-Get-$20-Andy"

Don't post it on here! :p
 

SaintTigurius

Senior member
Apr 3, 2003
332
0
0
, they can reset the firmware back to the defaults.

He propatly reset the router, all it takes is a paper clip and 10 seconds of his time, very easy to do..


I changed the password so that I know he's cracked it.

and thats why ur settings where gone , and your password was erased. becuase he propably reset it.

what i would do it, get into ur computer and put tons on spyware and crap instead of messing with router.
 

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
eh?

Never said he touched my router....nor did I say he does or doesn't have access to it.


and if he were to get into the router it wouldn't give him access to my home systems... which are physically on a different network..



again...thanks for your help (cough cough)