Friday, 20 September 2013

How to Hack A Person or System or Computer Behind Home Router ?

This is One of the Major Failure by many People, as they try to hack the system behind router, without even understanding How it Works ?
So, Before I go and answer how to proceed for Pentesting and How to Secure it So that You are not hacked with Such Methods. First, Let Us Understand How Communication actually works in most Home system.

How it Works ?

Spoiler: Image Scenario 1
[Image: S9dGF.png]
Now Above Image Is Scenario of Target System to Whom You want to Pentest.. & Below is the Complete Scenario.

Spoiler: Image Scenario 2
[Image: 529169_236407903147266_419103091_n.jpg]

What Happens Above.. Whenever you are trying to pentest on 1 Single Machine from Other Network.. Your All Communication Goes through Router and You Find.. Nothing..

Now What to Do ? How to Proceed ?

Why not to Enable Service via Router, so that You can Start Communicating Directly to Him..

  1. Public or External IP Address of your Target Machine.
  2. Router Username and Password.

Go to Site to Look for Specific Default Username and password for Different Router.
If you were lucky and router passwords are same as default, which in most cases are than you will be inside router.
Now, Once You are inside Router of Target Machine. See Port Forwarding Video.

How to Enable Service Via Router ? For That I would Recommend to Watch This Port Forwarding Video, Where I am Trying to Enable HTTP Service.. on PORT 80

Please Note :- Its a 15 Minute Video, So Grab a Cup of Coffee, You might get bore in between 
If you know How to Do Port Forwarding, than Please Skip this Video and Move on to Below Post.

Condition : I made port 80 open, and any Webserver Must be Running in the Target Machine. There are many Default ports that are open in Systems, try to open them rather than port 80. For this Scenario I will take example of Port 80 and I am Assuming Some WebService is Running with PHP Installed. Please Note, You can enable different ports like, 22, 23, 21, 3389, etc.,, There are many Other Ports Running too by default or try to enable those services, if you are able to figure it out.. etc.,. Now, After Port Forwarding 80, Whenever I will try to run TARGET IP, I will See his WebService Like This :-
Spoiler: Image Scenario 3 
[Image: IcSZA.png]
And I see UPLOAD_test folder and Garbage folder in htdocs, in your cases, you might see something else.. I immediately went inside upload_test folder and there I see upload.html and upload.php files were kept. But for Now, Lets Assume, there was not upload folder and i gave these upload folder to test through some social engineering attacks.. which you can perform too.. In upload.php "To Upload PHP File was on.. Therefore I uploaded PHP Shell... and Had Complete Access to System... People Can Upload Virus, KeyLogger, RAT or Some Exploit Payload.. 
Spoiler: Image Scenario 4 
[Image: sNof6.png]
Please Note: These Are All Fictitious attack and is only made to Understand the Attack Type Which May Happen to Normal Person

Now As you see, I had Shell and Can do lots of Stuff thereon thereafter...
Now Last Question is How to Save From All Such or Similar Attacks..

Safety Points :- 
  1. First Change Your Router Password Immediately from Default.
  2. Second, Install Some Good Antivirus and Spyware, Though this is again S*** joke for some pro hackers, but something is better than nothing.
  3. Always Cross Check Your Router if some services are running which are not supposed to be.
  4. Fourth, Never Click or Download Unknown or Any Suspicious or Strange Files. (You avoid strangers while walking than why to allow same word in your computer).
  5. Fifth, Update Of Operating System is as Important as Update of Your Antivirus.
For Any other safety questions or Doubts, You can ask them he
World of Hacker © 2011 Creative Commons License
World of Hacker by KroKite is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at
Permissions beyond the scope of this license may be available at!newtopic/hackerforum.