Every router comes with a username and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default username and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default usernames and passwords.
Here is how you can do it.
Now follow these Steps :
Step 1. Go to http://www.whatismyip.com/. Once the page is loaded you will find your IP address. Note it down.
Step 2. Open Angry IP Scanner, here you will see an option called IP Range: where you need to enter the range of IP address to scan for.
Step 3. Suppose your IP is 188.8.131.52, you can set the range something as 184.108.40.206 to 220.127.116.11 so that there exists atleast 300-400 IP addresses in the range.
Step 4. Go to Tools->Preferences and select the Ports tab. Under Port selection enter 80 (we need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open ports only” and click on OK.
Step 5. Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image.
Step 6. Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username-password pair will be admin-admin or admin-password.
What can an Attacker do by Gaining Access to the Router Settings?
By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or play any kind of prank with the router settings. So the victim has to reconfigure the router in order to bring it back to action.
WARNING: All the information is just for education purpose only.Please don't use this information for illegal purpose.
Our motto is only that you can secure yourself from these types of attack . Always Change your default user name & password..