
Me and my router



By ghostghost | 10132 Reads |

I haven't seen an article on this anywhere on the net, and I needed to do it and I figured it out so then thought I may as well let people know what I discovered… Basically what I'll be telling you is how to reset the admin password on a router that's already been configured without resetting the whole thing.

Contents:

1: Reasons
2: Step-by-step-story
3: Ups and Downs

   1: Reasons
 ----------------

I'm writing this (like I said in the pre-intro) because I haven't seen anything like it before, and thought I should let people know just in case they run into the same problem. Little background is that my dad set up the router, and left the password as default, so I changed it… Dilemma = I forgot what I changed it to.

 2: Step-by-step-story
-------------------------

So this is what I did:

After browsing many, many websites in the hope of finding an article or tutorial on how to reset the admin password on routers without resetting the router itself, and with no luck, I started thinking there must be another way. I tried flooding it with information in the hope something would f**k up and let me in, I tried resetting it, but luckily couldn't quite get it to reset properly, I tried connecting to it another way, but couldn't.. Nothing was working.

So, grudgingly I went back to trawling the web for answers… Then something rather interesting took hold of me.. I'm not sure about most routers but with mine when you go to 192.168.1.1 it has a login page, username and password and the username is only readable.. but the thing I briefly read didn't make sense if this were true.. It said something along the lines of "Blah.. default login.. blah.. admin.. blah … username: user..blah" The user part interested me, and I knew my dad didn't know about it, since the username field was only readable and when he was searching on the config stuff nothing came up.. And then realised "Hang on a moment, the user field is only readable :(" Then it happened, a stroke of ingenuity, I opened Firefox and had a little play with the addon WebDeveloper. Under the section for Forms there's a little option "Make all fields writeable" I clicked it… it worked, I could get rid of that 'admin' username, so I did and replaced it with "user", as you've probably worked out, if default admin username has admin as a password, I tried the default user username with user as the password…. I was in :D

And for me there was no difference in privs even though I was "user" so I went to the reset admin password page…. And then I saw something.. not so nice… "Current Password" field :( I tried 'admin' nothing. I tried 'user' nothing.. I tried giving it too many characters… Nothing. I thought I was stumped.. Angry at myself that I couldn't even hack MY OWN ROUTER! I was thinking along the lines of "It's like it's google, or facebook or….." Then I thought "No.. It's not like those.. They have a server with PHP authentication stuff and MySQL databases.. This can't be connected to anything.. " I had a little cheeky peek at the source code and saw something rather like treasure to a poor family.. An embed link 'password.htm' and I navigated to it, and it was exactly the same as the normal change password page, with the 'current password' field and everything.. I had another little cheeky peek at the source….

LO AND BEHOLD!! IT WAS JAVASCRIPT!!!

It was a basic authentication technique used in maybe Javascript 2 or 3 on hacking challenge sites.. So of course I could see my old password, that.. I'm not going to tell, just in case, and I saw the user login and there's another one called 'supporter' with the password… You guessed it.. 'supporter' and so I changed my password to something I can remember using my newly found old password, and it worked, everything was fine and dandy, so that's how I did it folks! A good 6 months or so of not being able to logon to my router for whatever reasons, rid of in about 20 minutes..

 3: Ups and Downs
 -----------------------

Ups and downs, life has both. After I'd completed this, I was rather chuffed, but it got me thinking "There must be a way to exploit this" then I remembered a worm that had been released (I think from Australia) that tried to brute force routers' logins and infect it, and I think it recorded data, not sure though, now, I was completely new to these new default logins, and reasoned that it would be possible to create a worm that logs in by using the other lesser-known default login, it could then navigate to the appropriate page, download the source and use RegEx or something to find the password for the admin and then infect the router and change the admin password.. Because as far as I can remember the worm I talked about tried to brute force the admin login.. So yeah, wouldn't need to this way, that might be a down-side…

Just as a quick wrap-up, I hope you enjoyed this, and I hope you learnt something new. Um.. Rate it, well, badly, comment it constructively or not, basically, do what you want with it…. Except plagiarise.. and I hope it can be helpful maybe someday in the future.. Oh and by the way, my router is D-Link, it may vary for others. Umm.. That's about it really. Laters -SaMTHG

P.S Sorry if it's a bit rough, I wrote this off straight..
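
The flaw described in the article (a readonly username field and a "current password" check done in page JavaScript) next to a server-side form of the same check, as an added example that is not part of the original article or of D-Link's firmware. The account names, passwords, roles and function names are constructed for illustration.

```javascript
// Added example with constructed data; all names here are hypothetical.
const crypto = require('crypto');

// The pattern the article describes: the page ships the secret to the browser
// and the comparison runs there, so viewing the source reveals the password.
const VULNERABLE_PAGE = `<input name="user" value="admin" readonly>
<script>
  var curPwd = "constructed-secret"; // secret embedded in the page
  function check(f) { return f.current.value == curPwd; }
</script>`;

// Hardened form: the device keeps only a salted hash and verifies server-side.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  return { salt, hash: crypto.scryptSync(password, salt, 32) };
}

function verifyPassword(record, candidate) {
  const probe = crypto.scryptSync(String(candidate), record.salt, 32);
  return crypto.timingSafeEqual(probe, record.hash);
}

// The page carries no credentials, only the name of the logged-in account.
function renderPasswordPage(session) {
  return `<p>Signed in as ${session.user}</p>
<form method="post"><input type="password" name="current">
<input type="password" name="next"></form>`;
}

// The acting account comes from the server-side session, never from a form
// field, so a client-side "readonly" attribute has no bearing on identity.
function changePassword(store, session, form) {
  const actor = store[session.user];
  if (!actor) return 401;
  // A low-privilege account may only change its own password.
  if (form.target !== session.user && actor.role !== 'admin') return 403;
  if (!verifyPassword(actor, form.current)) return 403;
  if (!store[form.target]) return 404;
  Object.assign(store[form.target], hashPassword(form.next));
  return 200;
}

// Constructed account table for the demonstration.
function makeStore() {
  return {
    admin: { role: 'admin', ...hashPassword('constructed-secret') },
    user: { role: 'user', ...hashPassword('constructed-user-pw') },
  };
}
```

With this layout the secondary account cannot reach the admin password, and nothing the browser receives contains a credential to read.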

Comments
fuser 13 years ago

what is the router brand? I'm just curious that they didn't use a normal admin/admin configuration.

also, at least you managed to figure it out.

ghost 13 years ago

Sorry, maybe I didn't make it clear.. First of all, D-Link, but it originally was admin:admin, but I changed it, after hearing about the worm and I generally don't like leaving things default, especially passwords, and so that was the problem, I changed it to something else, and I forgot what I changed it to…

techb 13 years ago

Some routers, user will be admin, and the pass is blank.

stealth- 13 years ago

My router had been butchered by the ISP to have half of the functions disabled by default. By looking around, it turned out they had simply commented out the links, although the links were dead. However, I found they had moved them into a different directory. So I had access to all of the disabled functions of the router by just adding "/disabled/" in between the address. Simple hacks are sometimes the most fun.

ghost 13 years ago

Enjoyed how you explained the thought process behind what you were doing. A good article.