Remote Router Sniffing

[DigitalCorrosion]

Hey guys, so I have been messing around and gaining full access to home routers lately for the fun of it and was wondering if it is possible to actually sniff the data from these networks? If so what tools would it require to remotely sniff data from these networks?

[white-knight]

If you are connected to the network then yes you can sniff some data

[DigitalCorrosion]

Well I am connected directly to the router configuration page etc. I believe I could possibly mess with the routers setting to route all the communications through mine and capture all data but not sure exactly how to set that up.

[white-knight]

u can start with wireshark that is easiest. then look into other ways like ettercap , cain& able and so on

[proxx]

u can start with wireshark that is easiest. then look into other ways like ettercap , cain& able and so on

OP wants to do it on a remote network.
And with 'got into bla bla' he means he found some default logins.
He can login to the GUI or maybe a telnet session but thats about it.

Not so sure if we should help the kid.

If he is talking about wireless routers he cracked for whatever reason then yes wireshark seems like a reasonable option.
Then again,not so sure if we should help the kid.

[th31nitiate]

It all depends on the router and it functionality to be frankly honest. Some router may allow you to catch traffic and then it be stored on the router it self and all u have to do is grab the file then analysis it. The likely chance that this will be capable from  home router is very limited to be honest.


If you can some how change some of the info on the router like the default DNS server address distributed via DHCP. You can get request to come to one of your own recursive DNS server. This will allow you to be able to monitor all the websites visited by client's on the network that get the DNS server info dynamically.


If you can somehow set-up a mandatory hop that is a must pass for all packets then i guess u can sniff all traffic. You would also need to set up a high performance server that forwards the traffic for you, this server would be the hop. I don't know whether this is possible on normal home router but i know you can set mandatory hops via QoS.

[DigitalCorrosion]

It all depends on the router and it functionality to be frankly honest. Some router may allow you to catch traffic and then it be stored on the router it self and all u have to do is grab the file then analysis it. The likely chance that this will be capable from  home router is very limited to be honest.


If you can some how change some of the info on the router like the default DNS server address distributed via DHCP. You can get request to come to one of your own recursive DNS server. This will allow you to be able to monitor all the websites visited by client's on the network that get the DNS server info dynamically.


If you can somehow set-up a mandatory hop that is a must pass for all packets then i guess u can sniff all traffic. You would also need to set up a high performance server that forwards the traffic for you, this server would be the hop. I don't know whether this is possible on normal home router but i know you can set mandatory hops via QoS.

Thanks for the informative post. It makes sense and yes I was just not sure if it could be done remotely. These were not default logins by the way. Thanks for the info guys.