Saturday, 24 May 2014
Firesheep, the Firefox add-on designed to show the security holes in sites that don't use encryption for all their traffic, works as advertised.
- Force your browser to switch to TLS and SSL whenever available.
- Always log out.
- Subscribe to VPN's which will protect you from this sidejacking.
Wednesday, 12 March 2014
Hello, my little hackers! Today we will teach you how to hack Your cable modem to increase speed. So, lets start.
Firstly, this is very, very illegal. Try this if you don't fear prosecution and know that you will be uncaught.
All the cable modems, when they boot up they will search for an "Image" file where-in all configuration such as speed limit and download speed limit is defined. This file is stored in ISP's TFTP server. Modem will be pre-configured with the ISP's TFTP server, IP address and the Image file name to be downloaded. When the modem boots up, it queries the TFTP server and downloads the "Image" file from TFTP server and according to this this our speed limits will be set.
Our Mission:Get this Image file from ISP`s TFTP server, reconfigure it according to our need and force our modem to download this file from our Computer rather than downloading it from our ISP`s TFTP server.
- Get cable modem's MAC address - You can either look at the back of the modem to get this MAC Address or you can logon to your cable modem with your browser, http://192.168.100.1/ . This is internal HTML pages stored within your DOCsis cable modem (SB5100, SB4100 and SB3100) that gives you even more vital information on configuration unless it is turned off by your ISP. This feature might be totally turned off by your ISP.
- Get your ISP's TFTP server IP address.
- Get name and path of the configuration file or Image file stored in the ISP's TFTP server - For getting this vital information you have to do an SNMP walk over your modem. For doing this you can use any one of the tools below. There's a program called QUERY.EXE from Weird Solutions which is a BOOTP packet request program that will tell you everything you need to know, without all these extra steps. It will display the Image Filename, TFTP server address, which is really all you need to get started. To use this BOOTP QUERY tool, you need the MAC address of your cable modem You can download this from http://www.weird-solutions.com/_bin/bootpq.exe or Solarwinds SNMP program, http://www3.solarwinds.net/downloads/SolarWinds-EE-V7-Eval.exe or DOCSIS Diagnosis Utility, http://homepage.ntlworld.com/robin.d.h.walker/docsdiag/docsdiag.zip or SNMPWALK Tool from http://www.bradford-sw.com/board/board.cgi?id=BSI_Tools&action=download&gul=13
NOTE: Use modem's IP address as 192.168.100.1 (SB5100, SB4100 and SB3100) when it asked to provide by any of the above tools. SNMP community is Public.
Using the above tools you will get the information of your ISP`s TFTP server IP and the name of your "Image file" stored in that TFTP server.All your vital information is stored in this file, one of which is the MaxRateDown 2621440;MaxRateUp 393216. (This was my ISP settings which you can see is similar to what speed I was getting. 40KB/s up and 250 KB/s down.)
Among these, the ones we need are:Configuration TFTP Server = 194.*.*..90 (replace this with yours throughout in the doc)Configuration filename = isrr.bin (replace this with yours throughout in the doc)andIP fragments created = 0IP address.10.xxx.xxx.xxx = 10.xxx.xxx.xxxIP address.192.168.100.1 = 192.168.100.1 (the IP address of the cable modem, (replace this with yours throughout in the doc)IP-to-If-index.10.xxx.xxx.xxx = 2
Suggestion: You can do this step by sniffing the modem i.e. 192.168.100.1 when modem boots up. I never tried this method. Try your luck.
4. Download Image file from ISP`s TFTP server -
To do this go to your command prompt and use below commands with out quotes and bracket.
C:\tftp -i <ISP's TFTP server IP> GET <Image filename> <local filename>
Okay, now you have an "Image" file from your ISP's TFTP server.
5. Decrypt the Image file which you downloaded from ISP's TFTP server.
6. Modify the Image file.
7. Encrypt the modified Image file.
Use DOCsis tool which you can download from
using this program you can decrypt image file change the upload speed and download speed, save it and encrypt it back. Rename this newly created file same as your original image file.
8. Change your computer's TCP configuration to your ISP's TFTP server (i.e. IP address same as ISP's TFTP server) -
Go to My Network Place (or whatever network panel you have) and
Right-click > Properties.Select your LAN card. Right-click > Properties > Internet Protocol (TCP/IP). Double click on it and change it to as following valuesConfigure your TPC's TCP settings as below:IP: 194.*.*.90 (replace with the ISP's TFTP server)Netmask: 255.255.255.0Gateway: 192.168.100.1 (replace with your cable modem's IP address)
Note: Gateway should be 192.168.100.1 only then your modem can communicate with computer.
9. Host TFTP server in your computer.
10. Put Image file in the base directory of your TFTP.
11. Restart your modem.
Download TFTP Server software and host TFTP server in your computerYou can download TFTP server from:ftp://ftp.ida.net/pub/wireless/tftpd32.exe
Start TFTPD32 server. Go to "Settings" and set the "Security" to None. Increase the timeout to 20secs and the "Max Retransmit" to 6. Choose to translate UNIX filenames. Make sure it's base directory points to where the isrr.bin is (i.e. the image file which you modified). If you need to replicate a directory pathname along with the image file, then make a directory from root that corresponds to the image file pathname.
Restart your modem, and AS SOON as the SEND light goes solid, you should see a receive on your TFTP server i.e. your PC.
12. Change your PC's IP back as given by ISP.
13. Done. Start surfing with your new speed. B) Like a cool guy.
Now you change your TCP settings of your PC back to normal as given by ISP (i.e. put your original IP address and gateway).
Note: This speed will remain same until you restart your cable modem. So each time you reboot your modem you have to follow the steps 8, 9, 10, 11 and 12.
Credits - Thanks you, coderman for this hack. Taken from: http://www.governmentsecurity.org/forum/topic/11252-hack-your-modem-and-increase-your-download-speed/
Friday, 7 March 2014
- Angry IP Scanner or any IP scanner.
- Internet access (quite obvious).
- A brain. :P
- Optional: A VPN or IP spoofer to hide your own original IP. For e.g. OpenVPN or Cisco VPN
- Step 1: Go to whatismyipaddress.com. And find out your IP address.
- Step 2: Open Angry IP Scanner, here you will see an option called " where you need to enter the range of IP address to scan for. Enter the IP of the router you want to take control of or just enter the range so that you can attack any alive host. Make sure that you're within your IP address range as that will ensure that the ADSL connection is the same as yours. For example if your IP is 18.104.22.168, then the range is 22.214.171.124 - 126.96.36.199.255.
- Step 3: Go to and select the tab. Under enter 80 (Port 80 is the general HTTP port). Now switch to the tab, select the option “” and click on OK.
- Step 4: Now click "Start". After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image:
- Step 5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers, the default U pair will be admin/admin or admin/password. If you do not succeed to gain access, select another IP from the list and repeat the step 5. At least 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.
- For example, I hacked this D-Link router but I didn't change any setting because I am a White Hat. My own router is a Nokia Siemens one.
By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or even hijack the DNS by pointing it at a rogue DNS server. If this happens, the victim will have to reconfigure/reset the router settings in order to bring it back to normal.