Hack passwords of Dlink routers with Metasploit

Good Evening friends. Today we will see how to hack passwords of Dlink routers on the internet and we are not talking about password cracking although we will see that also in the future. Uffff, that was a very long sentence. Ok , now let’s see how to hack passwords of remote Dlink routers, but wait there’s a catch. This howto will only work on Dlink routers having version dir 645. Now if you’re thinking who still uses that version, then you should just shhhhooodaaaan. Start Metasploit and load the “auxiliary/admin/http/dlink_dir_645_password_extractor” exploit as shown below.
dlinkpe1
It’s always good to see the information about our exploit as shown below.
dlinkpe2
Now set the RHOST option( i.e the IP address of our target, you will get this from shodan). Change the port to 8080.
dlinkpe3
Now execute the exploit by typing command “run”. The exploit will run as shown below. Don’t worry about the errors we get as our exploit has already finished its job and saved the passwords of routers into a file.
dlinkpe4
Now let’s open the file. Copy the path of the file from above. Use any text editor to open the file. Below I have used gedit.
dlinkpe5

The file will open as shown below. We can see the credentials underlined ( by me ). So it says the username is admin and password is empty. Now let’s check it out.
dlinkpe6
Open your browser and go the router address as shown below. The router login page should open.
dlinkpe7
Without entering any password, click on Login. You should get access to the router as shown below.
dlinkpe8
That’s all folks for today. Happy Hacking.

Comments

Popular Posts