Jump to content


Photo
- - - - -

Metasploit Past a Router


  • Please log in to reply
3 replies to this topic

#1 Sector-Xero

Sector-Xero

    HACK THE PLANET!

  • Members
  • 65 posts
  • Gender:Male

Posted 12 December 2009 - 05:08 PM

I have a router setup at home. Now I've heard having a router is a level of protection, but can it be defeated?

The question I'm asking is. Can a hacker who knows my external IP address of (77.77.77.77) go across the internet and connect to my router. Then ultimately running an exploit on specific client on my private network. Like specifically targeting 192.168.1.1?

Is there any guide to this? The only reason I'm asking is because i want to protect myself from it.

#2 zandi

zandi

    SUP3R 31337 P1MP

  • Members
  • 263 posts
  • Location:michigan

Posted 16 December 2009 - 12:14 AM

i don't know too much on the subject, but the first thing you should be worried about are if you have any ports forwarded by your router, that would give anyone a direct route to an internal machine. for example, when i was running an ssh server on port 22, my machine logged repeated brute-force attacks starting just hours after i opened the port.

aside from that, i would keep up with router exploits, and read up on NAT traversal techniques. that's about all i know on the subject, but it's more than nothing.

#3 tekio

tekio

    5(R1P7 |<1DD13

  • Binrev Financier
  • 1,102 posts
  • Gender:Male
  • Location:The Blue Nowhere

Posted 16 December 2009 - 12:27 AM

If it were me I'd bruteforce (just a standard dictionary attack) the router, try SNMP (UDP can be brute forced quicker than TCP services) configuration, attempt default passwds... if that fails I'd google the router model for any known bugs that might give me access. If I got in I'd then start forwarding some ports after peeking at the DHCP scope logs (most every SOHO router allows this to be enabled).

All that is assuming remote admin is enabled on the WAN. Disable remote admin and port forwarding services on the WAN portion and it should be safe. If there are no daemons running it is very difficult to connect.


EDIT: a good tip I learned is to DMZ an unused IP address. All packets should then be dropped and the router will be invisible to the outside world.

Edited by tekio, 16 December 2009 - 12:42 AM.


#4 dinscurge

dinscurge

    "I Hack, therefore, I am"

  • Members
  • 936 posts
  • Country:
  • Gender:Male
  • Location:the bunker

Posted 16 December 2009 - 12:58 AM

basically there is no easy way to drop a payload past a router if it was that easy everyone would be doing it and the internet would suck. instead its pretty hard and depends on the firmware/configuration of the device. if your actually worried about it you can always run a bsd router and firewall everything. you dont really have much to worry about just the bit on remote administration.




BinRev is hosted by the great people at Lunarpages!