Author Topic: Recommended way to harvest credentials ? (Read 1267 times)

blackrat · « **on:** June 28, 2015, 09:28:29 am »

Hello i have a question. if one have got access to a router and can log into the config page. What attack would you guys recommend to steal login credentials ?

dotszilla · « **Reply #1 on:** June 28, 2015, 11:45:01 am »

its called Man In the middle attack do some research on it.. also you can portscan the computers on the network see what they running and try to exploit it.. KALI got a buncha stuff for MitM too, incase youre not on linux..

BUT as far as the router config page goes only thing you can really do from there is get INFORMATION.. like how many devices on the network, their ip, MAC.. you can turn off the routers firewall if it has one... stuff like that...

Trogdor · « **Reply #2 on:** June 29, 2015, 07:23:37 am »

You could do a wordlist or brute force attack, but it will certainly show up in logs. You could also sniff the network for other credentials then apply them to the router page. There usually isn't much use in attacking a router config page, as you can gather much more info using other tools and methods.

nrael · « **Reply #3 on:** July 03, 2015, 05:46:32 pm »

ARP attack. and then use wireshark or a specific tool to harvest passwords, list urls, steal cookies, change DNS servers.

EvilZone

News:

Author Topic: Recommended way to harvest credentials ? (Read 1267 times)

blackrat

Recommended way to harvest credentials ?

dotszilla

Re: Recommended way to harvest credentials ?

Trogdor

Re: Recommended way to harvest credentials ?

nrael

Re: Recommended way to harvest credentials ?