Sign in to follow this  
Followers 0
sector-xero

Metasploit Past a Router

4 posts in this topic

I have a router setup at home. Now I've heard having a router is a level of protection, but can it be defeated?

The question I'm asking is. Can a hacker who knows my external IP address of (77.77.77.77) go across the internet and connect to my router. Then ultimately running an exploit on specific client on my private network. Like specifically targeting 192.168.1.1?

Is there any guide to this? The only reason I'm asking is because i want to protect myself from it.

0

Share this post


Link to post
Share on other sites

i don't know too much on the subject, but the first thing you should be worried about are if you have any ports forwarded by your router, that would give anyone a direct route to an internal machine. for example, when i was running an ssh server on port 22, my machine logged repeated brute-force attacks starting just hours after i opened the port.

aside from that, i would keep up with router exploits, and read up on NAT traversal techniques. that's about all i know on the subject, but it's more than nothing.

0

Share this post


Link to post
Share on other sites

If it were me I'd bruteforce (just a standard dictionary attack) the router, try SNMP (UDP can be brute forced quicker than TCP services) configuration, attempt default passwds... if that fails I'd google the router model for any known bugs that might give me access. If I got in I'd then start forwarding some ports after peeking at the DHCP scope logs (most every SOHO router allows this to be enabled).

All that is assuming remote admin is enabled on the WAN. Disable remote admin and port forwarding services on the WAN portion and it should be safe. If there are no daemons running it is very difficult to connect.

EDIT: a good tip I learned is to DMZ an unused IP address. All packets should then be dropped and the router will be invisible to the outside world.

Edited by tekio
0

Share this post


Link to post
Share on other sites

basically there is no easy way to drop a payload past a router if it was that easy everyone would be doing it and the internet would suck. instead its pretty hard and depends on the firmware/configuration of the device. if your actually worried about it you can always run a bsd router and firewall everything. you dont really have much to worry about just the bit on remote administration.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0