Hack Remote Routers With Telnet

Telnet is a legacy remote terminal TCP/IP application used for remote administration. Telnet is notorious for transmitting communications in plain text and has long since been superseded by SSH, which uses encrypted channels, so it is rare to see telnet in use on the Internet.
But you will be surprised to know that most routers have telnet services running on them by default even today. This is a serious vulnerability: it allows malicious users to connect to the router from anywhere in the world using default credentials and wreak havoc.
In this article I will explain how you can scan a large number of routers for telnet services, which we can then attempt to log in to using default credentials.

Hack Remote Routers Using Telnet
Things You Need:

1. Random telnet scanner originally written by Solaris (modified by me). The program attempts to open a connection to the telnet port (23) of random IPs; if it succeeds, the program logs the success in a log file, telnet.txt, for later analysis. The program then repeats, so if you run a few instances of the program for a few hours you can end up with a list of around 200 telnet boxes. The program was originally written in Perl, but I have modified it into a batch file.
You can download the modified version of the random telnet scanner from Here
and to get the password click Here
2. Telnet client
Windows XP and Linux users will already have a telnet client by default, but Windows 7 users will need to enable the telnet client by following these steps:
Go to Start -> Control Panel -> Programs and Features -> Turn Windows features on or off, then check Telnet Client and hit OK.
After that you can start Telnet via the Command Prompt (cmd).

1. First run the remote telnet scanner for 20-30 minutes and you will end up with 10-20 telnet boxes.
2. Now you have your list of IPs with the telnet port open in telnet.txt.

3. Now open your telnet client and connect to the IPs. You will be prompted for a username and password; try common usernames and passwords like:
Admin - admin
Admin - "blank password"
Root - root
Root - "blank password"

A lot of routers disclose their model number in the telnet banner when you connect, so a simple Google search often turns up the default username and password. Otherwise, move on to the next IP.

4. From here it's up to you what you do, but I enjoy using simple network tools like ipconfig and ping to map out the network; sometimes I have found routers that have nmap and telnet clients on, etc. You can even port forward packets to printers and use them across the Internet to print out hundreds of copies. A funny concept that I have got to work in the past few days is with the routing tables and redirecting every web request to different sites.
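
Seen from the network being probed, the scanner described above shows up as inbound TCP connections to port 23. The following is an added example (not part of the original post or of the scanner it describes) that counts such probes in firewall logs; the iptables-style log lines are constructed and simplified, and the function names and the `min_hosts` threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed, simplified sample lines in iptables LOG style.
# All addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
Jan 12 03:14:07 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.10 PROTO=TCP SPT=51234 DPT=23 SYN
Jan 12 03:14:07 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.11 PROTO=TCP SPT=51235 DPT=23 SYN
Jan 12 03:14:08 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.12 PROTO=TCP SPT=51236 DPT=23 SYN
Jan 12 03:14:09 gw kernel: IN=eth0 SRC=192.0.2.44 DST=198.51.100.10 PROTO=TCP SPT=40022 DPT=22 SYN
Jan 12 03:15:30 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.10 PROTO=TCP SPT=40100 DPT=23 SYN
Jan 12 03:15:31 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.10 PROTO=TCP SPT=40101 DPT=23 SYN
malformed line without fields
"""

FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")
TELNET_PORT = "23"

def telnet_probes(log_text):
    """Map each source IP to the set of destinations it hit on TCP/23."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD_RE.findall(line))
        if fields.get("PROTO") != "TCP" or fields.get("DPT") != TELNET_PORT:
            continue  # not telnet traffic, or a line we cannot parse
        if "SRC" in fields and "DST" in fields:
            targets[fields["SRC"]].add(fields["DST"])
    return targets

def find_scanners(log_text, min_hosts=3):
    """Sources that touched telnet on at least min_hosts distinct addresses."""
    probes = telnet_probes(log_text)
    return sorted(src for src, dsts in probes.items() if len(dsts) >= min_hosts)

def exposed_hosts(log_text):
    """Local addresses that received any inbound telnet attempt."""
    hosts = set()
    for dsts in telnet_probes(log_text).values():
        hosts |= dsts
    return sorted(hosts)

if __name__ == "__main__":
    print("likely scanners:", find_scanners(SAMPLE_LOG))
    print("hosts receiving telnet attempts:", exposed_hosts(SAMPLE_LOG))
```

Any address returned by `exposed_hosts` that belongs to a router is a candidate for disabling telnet, blocking port 23 at the WAN edge, and replacing default credentials.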
A Special thanks to Solaris for the Random telnet scanner and for the information
