Proof-of-Concept: Users are the weakest link in security


It always has been, and always will be, unless users are educated about it; then things will change.

According to Bruce Schneier, an internationally renowned security technologist and author, in one of his books (I don’t recall which), the strongest security suite is only as strong as its weakest link. Break the weakest link, and there goes the whole suite. Pretty true.

The same goes for web security. I had been to MSCOSCONF09 and was enlightened about web attacks such as RFI (I had never even heard of it), reverse botnets, etc. Write your code in a lousy way and it can only be as secure as you made it. Makes sense? If not, why can people still inject malicious SQL commands to drop your database, or dump a whole table’s contents? Strip the characters, or better, use parameterised queries, yada yada (you know the drill).

I was bored back in my hometown, where I found a blog, by a Malay author I assume, that posted a way to get access to local PCs. A simple tool is needed. I had used that tool before, so I roughly knew how to handle it (it’s not hard anyway, lol), so I was playing around with it, and the next thing you know, *wham*, I had gained access to someone’s router. A few more clicks, and I knew his username and password.

Thinking it was a fluke, I decided to try again. Bam, another one. Searched for a while, another one. I felt weird; something was not right. Amidoingitrite or theyaredoingitwrong =P So a couple more tries, and I managed to screw up my DSL line. -_- I thought TM was banning me for doing a massive lookup, but even now I still can’t prove whether they did it or my DSL port just screwed up. Oh well.

Today I decided to push it. It turns out a lot of users are uninformed, or rather too ignorant to change their default password. Of course, who would expect outsiders to gain access to their router? The typical mindset is “Oh, why would a hacker want to hack me, yada yada yada”, and then in the end, when they can’t surf the internet because someone changed their modem/router password or their internet account password, who are they going to blame?

It was rather fun at first, but the more I kept doing it, the more I felt like vomiting, the same as what those Malay dudes commented on that blog (don’t ask me why, but yes, they are Malays, and I don’t deny their existence on the web; in fact some of them are quite good). Though on that blog you still see wannabes who know nothing (not even basic networking; go study TCP/IP, dorks) and want to do it. It’s relatively simple once you get the concept, and it’s all about reverse engineering / brute force.

If I were well versed in Perl, I believe I could code a script to do this automatically; then when I woke up the next morning I would expect a list of usernames and passwords. Lol. No joke.

Let’s see: out of the 40+ accounts compromised (or rather, accessed), most of them are on a Riger DB102 modem with the default username and password. The unsuccessful attempts were either password unknown (good job), webcams (oh, some of those are accessible with default passwords as well), web servers (you get a blank page or a test page), a locked realm (good job), etc. I even saw webmail. Most of the users still use default passwords for their internet account. = = My god. To be frank, I don’t bother changing my modem’s or router’s password, as it’s down most of the time until I go back to my hometown. Well, I know that I can hit the reset button on my modem/router in case anything goes wrong, and call TM to reset my account password. Not all users know that, however, or most likely they will panic *runs around screaming* trying to regain access to the hardware. Lol. Epic.

Below is a screenshot of part of the list I accumulated throughout the process (it took a few hours, 5 maybe?)
So yeah. There you have it. Even corporate accounts were found. PPPoA connections.

Here are screenshots of webcams accessed. *And my friend is playing COD on his Snow Leopard, lol.*

… and a few more that I’m too lazy to post. Lol.

In short, if the person doing this is damn *kuailan*, a.k.a. has nothing better to do (I have a friend like that), he might change your router password and reboot it. Voila: internet disconnected, no access to the router, and best of all, if you’re using a manual connection like me, have a great time trying to access your router. Not all users are tech savvy; that’s the bad thing.
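As an added illustration (not part of the original post, and not the tool the author used), here is a Python self-check you can run against a gateway you own to see whether its web admin page still accepts a vendor default login over HTTP Basic auth. The mock gateway, its port, and the candidate default pairs are all constructed for the example; the Riger DB102’s real defaults and admin URL are not given in the post, so substitute your own device’s address and your vendor’s documented defaults. Run it only against equipment you are authorised to test.

```python
"""Self-audit: does a gateway's admin page still accept vendor default credentials?"""
import base64
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample defaults for the example (assumption: not a real vendor list).
DEFAULT_CREDENTIALS = [("admin", "admin"), ("admin", "password"), ("admin", "")]


def _basic(user, password):
    """Build the value of an HTTP Basic Authorization header."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def accepts_credentials(url, user, password, timeout=3):
    """Return True if the Basic-auth protected URL lets this pair in (2xx)."""
    req = urllib.request.Request(url, headers={"Authorization": _basic(user, password)})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return 200 <= resp.status < 300
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):  # rejected: this pair is not the login
            return False
        raise  # anything else is a real error, not a verdict


def find_default_login(url, candidates=DEFAULT_CREDENTIALS):
    """Return the first (user, password) default the device accepts, else None."""
    for user, password in candidates:
        if accepts_credentials(url, user, password):
            return (user, password)
    return None


class FakeGateway(BaseHTTPRequestHandler):
    """Constructed stand-in for a modem's web UI: one Basic-auth realm."""

    expected = ("admin", "admin")  # overwritten by start_fake_gateway()

    def do_GET(self):
        if self.headers.get("Authorization") == _basic(*self.expected):
            self.send_response(200)
            self.end_headers()
            self.wfile.write(b"<html>router status</html>")
        else:
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="Modem"')
            self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_fake_gateway(password):
    """Start the mock on a free loopback port; returns (server, base_url)."""
    FakeGateway.expected = ("admin", password)
    server = HTTPServer(("127.0.0.1", 0), FakeGateway)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_address[1]}/"


def demo():
    """Audit the mock before and after its password is changed."""
    server, url = start_fake_gateway("admin")          # still on the default
    before = find_default_login(url)
    server.shutdown()
    server.server_close()

    server, url = start_fake_gateway("correct horse battery staple")  # changed
    after = find_default_login(url)
    server.shutdown()
    server.server_close()
    return before, after


if __name__ == "__main__":
    hit, clean = demo()
    print("default login still works:", hit)   # ('admin', 'admin')
    print("after changing the password:", clean)  # None
```

To audit a real device, replace the mock URL with your gateway’s admin page (for example its LAN address) and the candidate list with the defaults from your vendor’s manual; a non-None result means anyone who can reach that page, including from the WAN side if remote management is on, can do what the post describes. The check stops at the first accepted pair and treats only 401/403 as a rejection, so a wrong URL or an unreachable host raises instead of silently reporting “secure”.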

If all users were educated about the risks they face, or about what they are doing, perhaps things wouldn’t turn out this way. Educate those who don’t know; spread the word. A lot of people have been doing this lately. That’s how I got to know, lol.

All in all, don’t be lazy!

End of proof-of-concept.

Written by eXPeri3nc3.


