Maximum Wireless Security
The execution stage is the part of the hacking process in which the target system is finally hammered. This stage is often quick and over before anyone can detect the intrusion or trace the hack attempt back to the originator. A hacker will want to be sure he knows how to get in and get out without alerting any IDS or watchful system administrators. As we discovered, the vendor of our detected access point is Linksys. We also discovered that the access point's IP address is 192.168.1.1. This is the default IP address, and as such intimates that the other settings might be at their default setting as well. By researching the Linksys unit, we know that configuration changes are done through the use of a Web interface. Thus, we open our browser and type http://192.168.1.1 into the address line. We also know that these settings are protected by a password. However, based on the fact that the IP address has not been changed from the default settings, we can guess that the default password has not been changed, either. A quick search online reveals the default user name to be blank with a password of admin . We now test this password and find ourselves staring at the access point's screen. At this point, we can now change settings, redirect connection, control services, and more. If this router was directly connected to the DSL connection, it could become a serious hole through which a hacker could gain control over a whole network. Using built-in IP redirection, a hacker could set up the router to open the network shares to the outside world. She could also create a DoS attack against the users of the network by changing the settings to restrict usage to only one address, or by changing the WEP key. Regardless of what is subsequently done, we know that the WLAN's access point is vulnerable. |