Socially Reclusive

Ever since I got my iPod Touch, I’ve found it to be a great internet device. It is also, a fantastic hacking device. I don’t mean full scale, internet bank fraud. I mean internet stealing, password grabbing and basic mischievous hacks. Let me explain how to do it, if it was possible.

Walk round with my Wi-Fi turned on. Looking for open networks. Then, if you find one which is open, and I prefer Netgear, You access the router. Normally 192.168.0.1. The default login (admin, password), and have full access to the router. Click on “Remote Management” and enable it. Now take down the IP address and logout. You have to logout otherwise the next step won’t work. Make a note of the routers external IP.

Head home and hope on the PC. Open up the web browser and type in the ip, and “:8080″. This is the default port for remote admin of the router. You can then login and take full access to the router. Also, if you click on “Backup My Settings”, you can download, in plain text format, the email address and password.

Just clear the logs and no one knows you’ve been there.

That is of course, if it was possible and / or legal

[Update] After looking around at other potential threats, it seems that NETGEAR routers are vulnerable to this basic attack. Its possible to do the same with Linksys routers, although the backup file is stored in a .cfg file which is not readable in normal text editors. A Hex editor however is perfect and gives up its secrets.

[Update * 2] This whole process could be spead up, also without the need for remote access, with a laptop. Anything that can access a website and download files. I, personally, would get an XO-1 Laptop or Asus eeePC for this very reason.

[Update * 3] It should be noted that with Linksys routers, the router will need to reboot after allowing remote admin. Make sure you get the IP Address AFTER you have enabled Remote Administation.

[Update * 4] Found a great Flickr photo which relates to this post.