UGN Security
Posted By: Smot Poker Remote Access Thru Router - 07/14/03 05:13 PM
Hi Guys,
I will try and word this properly so you don't misunderstand my intensions. I am an MCSE student and the class is on the win2k server portion of the course. My instructor offers 3 hacks of the server, each worth 10% bonus marks. The first was physical access, the second was remote with a default install and a weak pwd.

The third is renamed admin account, 11 character based password, hidden shares and a firewall/router. I was able to do the first 2 and i'm not sure what strategy to use in the 3rd attempt. I have read that trying to kill the FW or router is not a good idea because I would lose the connection at both ends of it. The Unix admin at the school suggested that maybe we could Telnet thru port 80. If that can be done, would PUTTY be the tool to use? Once I establish a connection, i know I can find the password and the shares. If anyone has any hints as to what might be a way to do this, or could point me to some text, i would really appreciate it. My final exam is Monday, a week from today and there is 2 of us working on it together to increase our chances.
Thanks!
Posted By: jonconley Re: Remote Access Thru Router - 07/14/03 05:57 PM
Man, sounds like you are doing good so far. Why not try to do the rest yourself? You will feel alot better about it than if you get help. smile
Posted By: Smot Poker Re: Remote Access Thru Router - 07/14/03 06:10 PM
jonconley, thanks for the vote of confidence. You are right, I would feel much better doing it on my own. However, I've only been playing with PC's for a little more than a year, and only 2 months in school. I have been reading up on exploits and I'm realizing I probably need scripts, a bit of programming and lot more knowledge than what I have now, but I want to at least try. I DO NOT want it laid out for me, all I'm asking for is maybe some ideas or an approach. Nobody has ever even done the second hack in my instructors class, so my buddy and I were the first today. The instructor also said that we won't even get close on the 3rd attempt, but I'd like to prove him wrong, so if anyone can point me or even just nudge me a little in the right direction, that would be fantastic.
Again, thanks for having me at UGN!
Posted By: dashocker Re: Remote Access Thru Router - 07/14/03 09:06 PM
Well, I'll give you a little hint: your school admin. fed you a load of [censored]. Port 80 is the default port for HTTP. All you'll be accessing by telnet'ing to port 80 is the website running on the box, if one even exists.
Posted By: Infinite Re: Remote Access Thru Router - 07/15/03 01:02 AM
I telnet through port 80 all the time dashocker. Well, ok, I ssh through port 80 all the time, but I do telnet once in awhile. When I'm at school I use an HTTP tunnel to get out to the net all the time with things I'm not supposed to, like ssh or telnet. I'm not sure how the hell this would help you Smot Poker, but it may have been what your Unix admin was speaking of.
Posted By: Smot Poker Re: Remote Access Thru Router - 07/15/03 01:43 AM
Hi Infinite,
It all helps. I just wasn't sure if it was a feasible option or not. I'm thinking this is a little more than I can handle with my experience and only a week to prepare. I'm still open to anything of course.
Thanks guys.
Posted By: jonconley Re: Remote Access Thru Router - 07/15/03 01:56 AM
Well I would try connecting to the router changing the settings. Most routers you can connect to on 23 or 8080 or something similar. Chances are hopeful that if you are in the classroom you can see the router, so look up on the internet and try to find a hole or even the default info. Now most routers probably won't let you connect to them from the outside, but if your computer is on the network in class, you can probably connect to it.

Also, try connecting to the ports 23, 80, 88, 8080, 21 etc on the router. Ex. If your IP is say 192.168.2.10, then try connecting on the IP 192.168.2.1. It may even be listed as the default gateway on your client.

Hope that helps somewhat
Posted By: dashocker Re: Remote Access Thru Router - 07/15/03 09:02 PM
[never mind, delete this]
Posted By: Smot Poker Re: Remote Access Thru Router - 07/16/03 01:50 AM
Thanks for the help jonconley. I have the router model, IP and default pwd. I got to play with it at my machine today. I'm researching exploits and hopefully if i can crash it and default the pwd, i might have a chance. If I get by the router, I get 5% bonus marks, so thats cool.
Take care and thanks again.
© UGN Security Forum