Simple Steps To Basic Wireless Hacking
The intent of this article is to show you some information on basic wireless hacking along with just how important it is to secure your wireless Network. Please use this information wisely. I am not responsible for what you and your friends do with this information.
Today it is very easy to set up a wireless network. Basically plug in the router a few clicks on your computer and away you go. The average person can go to the local electronic store and pick up a wireless router for as cheap as 40 bucks. The Problem comes in when securing the network. A lot people don't take the time to learn how to, or care to set up a secure network. How much damage can some one do if they connect to a wireless network?
Well in this article I will show you just how easy it is to connect to one of these unsecured networks and what kind trouble can be caused. I am going to use just some built in tools of Windows XP. There are other tools like the Linux distribution BackTrack that are created just for this task and much more.
How Simple is it to find a Unsecured Network?
In this example I am just using the windows wireless management tool in windows XP. This will work fine if you are not on the move. If you are scanning for networks in a car or on your bike I would strongly recommend NetStumbler.
As you can see here just by looking at what networks are available close to my home, there is at least one unsecured network. (See image below) I would be willing to bet you could go around your block and find at least five or more open networks depending on your location. I am going to use this Linksys network in my example.
How simple is it to connect to an Unsecured Network?
I just double clicked on the open Linksys network.
It will warn you that you are connecting to a unsecured network.
Click Connect Anyways
Now I can start Browsing the Internet. If I wanted to start hacking away at some site, it would appear as if It was the owner of the open wireless network.
What can some one do if they connect to unsecured network?
In this example this wireless network is still set at the default settings including the Administrator password.
A simple search on http://www.routerpasswords.com you can find just about any wireless router Default password. Since this is a Linksys router the default password would be admin with a blank username.
Since most wireless routers are the default gateway, I will do a quick command in dos to find out what the default gateway is.
Click on start > Run
Type CMD and click ok
In the Dos window type ipconfig then hit enter
I look for the information under my wireless network card. The default gateway is 192.168.1.1.
Type this in your Browser to connect to the Linksys router.
You will be prompted for a user-name and password. Leave the user-name blank or type root Since this is a Linksys router I will use the password admin
To find out the default password for just about any router check out http://www.routerpasswords.com/
If they did not change there router password you should be able to get in to the configuration pages of the router.
I am now connected to the router. This gives me complete access to see who is on the network. I can also do things such as set up security, open ports, and so much more.
How do you see who is connected to the network?
- Click on Status
- Click on Local Network
- Click on DHCP Client Table button
You should now see all computers that have been assigned an IP address by the router. Not all the computers on the network may not be connected at that time but a simple ping will let you know.
You could run a port scanner on each of these computer's IP address to find open ports such as SSH, Telnet, Termainal service and so on.
Since we are able to configure the router we could open up ports and let any one on the internet have access to this network. We could also have a little fun by setting up wireless security on the network and locking out the owner of his or hers own network.
Lets say you could not get in to configure the router there still is a lot of trouble that can be caused just by being connected on the network. You could set up a Network packet capturing program such as Ethereal and then use it to Scan for information such as user-name and passwords from websites they may login to. Another really easy tool to round up usernames stored in a cookie for facebook would be Firesheep.
You could also go out and cause some trouble on the web and it would trace back to there IP address (Link to the network owner).
At the very least you could just enjoy the free internet. Also if you out on the road with your laptop and get lost, you could always get connected real quick and take advantage of Google maps or other resource. Could come in handy in a pinch.
I hope this article got you thinking a little bit and if your wireless network and making sure it is secure If your network is not secure I really hope you think about taking a little time to secure it.