suck-o.com

Forums
https://forums.suck-o.com/

Hacking Linksys BEFSR41v3

https://forums.suck-o.com/viewtopic.php?t=714

Page 1 of 1

Hacking Linksys BEFSR41v3

Posted: 01 May 2006, 09:46
by H4evr
Hi

I've been trying to hack a router: a Linksys BEFSR41v3.
I've tried the default passwords I know of for this router:
user pass
(blank) admin
admin (blank)
admin admin

and it didn't work. The administrator changed the password.

I also tried Brutus but it gives me an error: (Warning: error due to pre-authentication), so I made my own bruteforcer. It works but it will take ages to find the correct combination.

I would like to know if anyone know an exploit/hack valid for this router?

Thanks in advance for any answer (positive or negative).

EDIT:
I forgot to post the routers answer:

HTTP/1.1 401 Authorization Required
WWW-Authenticate: Basic realm="Linksys BEFSR41v3"
Content-type: text/html
Expires: Thu, 13 Dec 1969 10:29:00 GMT
Connection: close
Cache-Control: no-cache
Pragma: no-cache

<html><head><title>401 Authorization Required</title></head><body bgcolor=red te
xt=white><h1>401 Authorization Required</h1>This server could not verify that yo
u are authorized to access. Either you supplied the wrong credentials(e.g., bad
password), or your browser doesn't understand how to supply the credentials requ
ired.</body></html>

linksys website

Posted: 01 May 2006, 10:04
by DNR
http://www.linksys.com/servlet/Satellit ... torWrapper

The above link is a visit to the linksys tech pages. Admin is the default password lol. RTFM.

Let us know how it goes.

DNR

Re: Hacking Linksys BEFSR41v3

Posted: 01 May 2006, 10:41
by H4evr
H4evr wrote:I've tried the default passwords I know of for this router:
user pass
(blank) admin
admin (blank)
admin admin

and it didn't work. The administrator changed the password.
Has I said, I've tried the default passwords.
Thanks anyway.

Posted: 01 May 2006, 16:40
by Gogeta70
Orite. Passwords are case sensitive, so 'admin' and 'Admin' are completely different. I'd suggest trying 'Admin,' as suggested before by DNR.

Posted: 01 May 2006, 17:44
by CommonStray
check this out http://www.securitytracker.com/alerts/2 ... 10357.html

Posted: 03 May 2006, 15:49
by H4evr
gogeta70 wrote:Orite. Passwords are case sensitive, so 'admin' and 'Admin' are completely different. I'd suggest trying 'Admin,' as suggested before by DNR.
Thanks for the tip. Tried it already.
That's exactly my situation. I'm in a local lan where the remote administrator feature is supposed to be turned off. But they changed the password.

Note: Still working on the bruteforce attack.
All times are UTC-06:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited