Showing posts with the label hack router with kali linux

Hack passwords of Dlink routers with Metasploit

Good Evening friends. Today we will see how to hack passwords of Dlink routers on the internet and we are not talking about password cracking although we will see that also in the future. Uffff, that was a very long sentence. Ok , now let’s see how to hack passwords of remote Dlink routers, but wait there’s a catch. This howto will only work on Dlink routers having version dir 645. Now if you’re thinking who still uses that version, then you should just shhhhooodaaaan. Start Metasploit and load the “auxiliary/admin/http/dlink_dir_645_password_extractor” exploit as shown below. It’s always good to see the information about our exploit as shown below. Now set the RHOST option( i.e the IP address of our target, you will get this from shodan). Change the port to 8080. Now execute the exploit by typing command “run”. The exploit will run as shown below. Don’t worry about the errors we get as our exploit has already finished its job and saved the passwords of routers into a file. Now let’s…

Hacking Ubiquiti AirOS with Metasploit

Good Morning friends. AirOS is the firmware maintained by Ubiquiti Networks for its airMAX products which include routers and switches. This firmware is Linux based. This module exploits a file upload vulnerability existing in the firmware to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorized_keys. So let’s see hacking Ubiquiti AirOS. Start Metasploit and load the exploit as shown below. Type command “show options” to see what options we need to set. The only option we need to set is our target IP address. If you have followed my previous howto’s you already know how to find the vulnerable targets. Set the target IP address as shown below. This module does not support check. No problem. Type command “show payloads to see the payloads we can use with this exploit. We normally have only one i.e interacting with the target’s shell. Set the payload.
Type “run”  to execute our exploit. We will get the command shell of our target as shown below. Let’s check …