1. Password theft ADSL dial-up to blame the routing
Hacking exposed in this article ADSL users, a common username and password stealing method, readers do not use it for illegal purposes, and to remind all users associated with this vulnerability as soon as possible to take measures to guard against.
ADSL broadband access as a majority of users have been accepted by some users now have many computers at home, through a dial-up ADSL router, so take advantage of the bandwidth, several computers for home users who need to share Internet access, and can be configured through a proxy server to establish and shared Internet access, disadvantage is that the host must open to be shared; Another effective method is to use a router to be shared, so each client can independently access, inadequateto purchase expensive routing equipment.In fact, some ADSL MODEM itself with routing capabilities, as long as the user to properly configure the relevant parameters can be routed to share, do not need to add external devices.
Internal ADSL modem provided by service providers have built most of the routing function, but due to technical reasons, although a small amount of ADSL modem design in hardware routing capabilities, but the modem software and can not support random PPPoE virtual dial-up access in the wayto use this feature, only those with a fixed IP address, users can use the dedicated routing function, or require service providers central office equipment products with the brand to be able to support the use of PPPoE access mode, then you need to upgrade the modem softwarebefore they can use the built-in routing capabilities.Different router configuration methods, such topics are a lot of posts online, we are here to introduce those who use dial-up Internet users route needs to pay attention to security issues.
The most common problem is that the user does not modify the security configuration of the router password, the general appearance of the router in the back when there is a default configuration password.Only know the password, the user can be configured on the router.Many users configure their own router, and did not change the password.Led some criminals to control the Internet router to steal the user's ADSL accounts.How do these criminals, let's come their way following eleven exposure.
2. Scan ADSL target online users looking for
ADSL Internet users scan the IP segment, the host for a list of open port 80
First, these users dial their home ADSL, then ipconfig command to view your Ip, as shown below:
At the beginning - "Run -> enter cmd, dos window that appears, type ipconfig to see:
General ADSL Internet users in Beijing are mostly 61.49 .*.*。Access to its own IP segment, you can find a good port scanning tool.The new lot in the port scanning tool, which supports multi-threaded, small, fast devaluation superscan.We use it here as a demonstration tool.Superscan interface is as follows:
Usually we begin to enter their IP address at the first address segment, that is 61.49 .*. 1, the end of the IP address is automatically displayed 61.49 .*. 254, here be noted that, next to the ping, and connect data needs according to their ownEnter the case, for the section of this site IP, that IP address with their first 3 parts of the same IP address IP, when scanning the data set can be short for some, but for other segments of the address, the general need to setgreat point.Specific circumstances may be based on results of the scan, if the input data is too small, will find the computer after scanning.
The following ports need to set about scanning, we only need to detect when the router can scan 80 ports.So click the top right of the configuration form a list of the following form will appear:
Modify the select ports as shown, remove the green in front of all the other ports hook, (you can click on the port) to retain only the final 80-port, and then click save, the port configuration table is stored to the hard disk after each usesuperscan no longer needed when the new configuration, you can only load.
Once all the settings, click the start scan.After the scan, as shown:
IIS server, 61.49.150.85 is the machine to open a 302 mark, based on experience, we know there is an open ZTE series router configuration interface.In this article we introduce security risks ADSL router, IIS security problem in a later article we'll explain, here we just 61.49.150.85 Right click on Browse to select the web way.
3. Click the mouse easy to crack the code to prevent awareness of the need to strengthen
Click a link after the configuration dialog box appears, as shown:
Click OK, to be connected.Connection after the pop-up boxes as shown:
By just connecting page on the signs, we can be sure this is a ZTE 831 router, enter the factory default user name, password: ZXDSL, ZXDSL, to enter the configuration screen:
Click the navigation bar on the "quick configuration" to enter the fast configuration interface, as shown:
Has seen username and password are displayed as black specks, how to do it, in fact too hard for everyone, right-click and select View Source Code:
At this point an ADSL account to be easily stolen.
In fact, make up the vulnerability of the method is very simple, as long as the user when installing the router's default password to modify their own, but many people do not do this step, the hacker left a lot of "target."
We have some common router configuration password and IP address published what I hope everyone according to their own brand of screening router, change the default password.It should be noted that these data are not exactly secret, they are printed on the product's specifications above, we strongly recommend routing ADSL Internet users up to modify your password, do not be a crime to leave space for criminals.