It's just in my nature to do it. What you may ask.
Snoop around on a wireless network to see what is open and vulnerable.
Now don't get me wrong, I don't do it to hack into systems. I do it to show friends and family that just because they have a router with a firewall protecting their network from the Internet, the need to also secure devices on the inside network is just as important.
I've been known to cause havoc on wireless home networks such as having their printer spew paper onto the floor, or easily log into the router and disable access because they were lazy with using a password that was their home address (or worse, never changing the default password).
The shock of what just happen catches their attention.
For that matter, who needs to be stealthy when you can walk around their house and press a key on the keyboard only to reveal the PC is not password protected (social engineering remains an easy method for hackers, just ask the NSA).
My point is, you need to be vigilant with securing your home wireless network. NOT just from intruders on the outside, but also from trusted people on the inside.
You will be surprise how often your buddies or a drunk relative will freely pass along the wireless password (or passphrase as sometimes it is also called) to someone so they can hop on your network to preserve their precious mobile data usage, which can cost a premium these days. At this point, you better trust that person or hope things are secure….on the inside.
Learning to Hack (in a respectful manner)
Now, what I am about to show you, should only be used for good and only to help people. Don't be evil and use these tools with malicious intent. Because with systems and networks, more than likely it will log your tracks and you will get caught if you go to far. Remember, unauthorized access is breaking the law, even if you know the person.
Since we will be talking about wireless access, the preferred device to use is your mobile phone. And the tool I use is Fing (available at Google Play Store or Apple App Store).
Fing is a free network scanner that will scan and map the network you are connected to, and discover all devices on the network. Additionally, Fing also has a subset of tools such as ping, traceroute, DNS lookup, and more importantly a port scanner (which I'll show you why it's very useful). Basically Fing is a swiss army tool for your network.
Obviously, to use Fing with your smartphone you need to be connected to a wireless network.
Once you are connected to a friend or family network, launch Fing and allow it to scan the network. As it scans, it will list the devices that are connected to the network.
As shown in the image above, there are not many devices connected to the network. But a closer look will reveal two very interesting devices. For instance, tap on the device that ends in 148 to display info about the device.
Aahaa, we found a printer. Let's see if the printer is running web services. To find out, simply press Scan Services at the bottom and let Fing run a port scan to discover which ports the printer it is listening on.
As you can see, there are two ports we are interested in – 80 and 443. These ports indicate the printer is running web services (port 80 is HTTP and port 443 is HTTPS which uses encryption). To connect to the printer via a browser, let's try port 80 by tapping on 80 then also tapping Open browser in the pop up window.
Oh man, that was too easy. Not only was it easy to connect and display the printer status as well as view the printer configuration, there was no password to make the connection! Let's put this device on the list "tightening up security" when I talk to my friend.
No sense at this point to test port 443, since it will also connect to the printer, with out a password (sort of makes encryption useless when no password is needed). So let's see what else is on the network.
The next device of interest to me is labeled RT-N66R. Want to take a guess what that is? Yep that's the router. While I am familiar with the model RT-N66R being an Asus router, the other sure sign that it is a router, is the IP address of 192.168.1.1
Sure hope this thing is not wide open like the printer was.
To find out, repeat the same steps as above, but tap on the device ending in 1 to first display information about the device.
Yep, it's an Asus router. Time to run a port scan by tapping on Scan Services.
Hmmm, this is interesting, we don't immediately see the usual web service ports 80 or 443. That's because the router is actually using port 8443 for it's web service. And, more than likely, the 443 indicates it is using encryption (port 443 is the standard for HTTPS encryption). At this point, there is some hope that the router was securely configured properly. Let's dig a little deeper and see if that is true.
TIP: to find out what port a router listens on, just do a Google search for the router model that was found during the network discovery.
Tap on 8443. In this case, I don't see that a browser option is available. All I need to do is open the browser that I use on my phone and type the address as follows: https://192.168.1.1:8443/ (NOTE: you may need to accept the Security certificate to proceed after pressing enter).
Oh-oh, a login prompt. Well this is encouraging. Hopefully they changed the default router password. All routers come from the manufacturer with a default password and account. In the case of Asus, the account is admin and the password is admin (oh well, let's not make this to hard Asus).
Attempting to use the defaults to log on, fails. That's good news. But since I don't give up easily, I'm going to try other passwords that may have been used (remember the home address one).
After several attempts at trying to guess the password, it looks like I'm not going to be successful with logging in to the router.
That's good news to the owner of the network. And with no other device of interest on their network, it's time to tell them about that printer. Hopefully they can secure it with a strong password!
As you can see, Fing is a valuable tool for accessing a network and identifying security and vulnerabilities. While I just demonstrated two capabilities of Fing – network discovery and port scanning, it has other features and tools that can help with locking down your internal network…and keep the bad guys like me, from wrecking havoc on your network.
Now that you know how to probe a network for weak points of access, this would a good time to evaluate your own wireless network and tighten security up a bit. In the next article, I'll give you some tips on what and how to make your network more secure on the inside.