Password Secrets of Popular Windows Applications. Though I am using my BSNL router here but steps and method will be similar for your modem/router as well. Is great to see that you can hack anywhere at any time using Android mobile. BSNL Broadband; BSNL Mobile - Postpaid. How do I change my password for BSNL Broadband email. I had taken Plan 250 BSNL Broadband connection in Sep'2005.For the.
Bsnl Broadband continues to grow as one the most popular broadband services in India with high speed facilities of upto 2 mpbs. But a large number of users of this service are vulnerable to hacker attacks because discovering and hacking the vulnerable victims of this network is shockingly simple. If you are a Bsnl broadband user then immediately assess the security of your internet connection and take appropriate steps to secure yourself. First lets see how simple it is to hack bsnl dataone broadband usernames and passwords.
For this you shall need a ipscanner tool called Angry IP Scanner or nmap or anything similar. Angry ip scanner is a gui tool and is easy for newbies whereas nmap is more powerful and used by hackers. Ok so lets begin. Get your IP from: Step 1: Scan ip range for alive hosts Start Angry IP scanner and goto options ports. Type in 80 in the first ports textbox and click ok. Then goto options options; in the display section select 'only open ports' and click OK & Save. Now on the main screen put in the ip scan range as something 59.0.0 - 59.255.255 (for e.g.
59.95.2.3) and click the start button. And the list that shall follow next are the victims. In this example we choose the range 59.95.0.0 - 59.95.255.255. You will be surprised at the number of victims you discover. Portscan bsnl ip range using nmap Nmap can also be used for the same task of host discovery. Here is a quick example for linux $ sudo nmap -open -sS -sV 59.95.2.1/24 -p 80 -oG - grep 'open' '-open' to show only those hosts which have the specified port open.
'-sS' for Tcp syn port scan. '-sV' to show the banner information of the http server running. '-p 80' to scan for port 80. '-oG -' for outputting in short greppable format. The output of nmap command is piped to the grep command to look for those lines which have the word 'open' in them.
This filters the nmap output and shows only those lines which have a open port 80 that is replying. Sudo is necessary to run the program as root on ubuntu. If you are already root then sudo is not needed.
Root privileges are needed for the Tcp syn method of port scan which uses raw sockets. The equivalent command on windows would be C: nmap -open -sS -sV 59.95.2.1/24 -p 80 -oG - findstr 'open' output would be similar to this C: nmap -open -sS -sV 59.95.2.1/24 -p 80 -oG - findstr 'open' # Nmap 6.01 scan initiated Tue Aug 21 23: as: nmap -open -sS -sV -p 80 -oG - 59.95.2.1/24 Host: 59.95.2.184 Ports: 80/open/tcp//upnp//Nucleus 4.3 (Huawei Intracom ADSL router UPnP; Virata-EmWeb 6.2.0; UPnP 1.0)/ Host: 59.95.2.201 Ports: 80/open/tcp//http//Allegro RomPager 4.07 UPnP 1.0 (ZyXEL ZyWALL 2)/ Host: 59.95.2.247 Ports: 80/open/tcp//http//microhttpd/.
A possible google dork can be intitle:'ADSL Router' inurl:'However it will not be very effective since broadband ip addresses are online for short time span like a day or so. Step 2: Connect to remote bsnl router Pick the ip-address of any of them and open up your browser and type in (the. should be replaced by the values from the ip you are using.
A box will popup asking for username and password. Enter the username: admin and password: admin.There is a high chance that you will be able to login with that username and password. Admin-admin is the default username and password that is set while manufacturing the adsl modem devices. What follows next is the modem administration panel. Simply search for the 'WAN' option and click it. On the next page you will find the username and password of that user. Now right-click on the page and click view source.
In Mozilla/Opera This frame - view frame source Now in the source code search for this: INPUT TYPE='PASSWORD' OR and the value field of this input element will have the password in plain text. If its not there as in case of D-Link DSL 502T ADSL Routers the search for this or input type='hidden' name='connection0:pppoe:settings/password' value='password' id='uiPostPppoePassword' and the value field will have the password. Well each steps take less than 1 minute. Some newer adsl routers do not have the password in the input tag, but instead in the javascript code on the same page. So just view the source of the page and look for something similar to this pppPassword.value = 'password'; So getting username passwords wont take even 2 minutes and is easier than sending a mail. And this exposes the weak security of bsnl broadband users. Well this is not a weakness but more of a mis-configuration which leads to insecurity.
If you understand networking then you would probably realise that it was merely logging into the remote administration service of the modem and nothing else. This was not really hacking but a simple search of victims who are absolutely ignorant of their weak security on the internet. Most routers have an option where remote management can be disabled.
In other words, you can only connect to the configuration interface from the internal network, not the WAN(Internet) side. You would definitely want to make sure remote management is not active to protect yourself. Note: On SmartAX MT880 eventhough Remote Management is disabled, it permits remote logins from over the Internet.
So change your mode administration passwords immediately. The problem is that the professionals at Bsnl are ignorant of such simplicity of networking and unable to advise the users or guide them to take proper security measures leaving their customers and themselves absolutely unsecure. Now lets check a few more options related to this issue. A bsnl broadband modem can be used in two modes. RFC Bridged mode 2. In the RFC Bridged mode the device behaves like a modem device that is attached to your computer and you use some dialup software to dial into the isp through this modem.
This is PPPOE from the PC and the adsl device is a good modem. This mode is safer as the username password are on your pc and nothing is on the modem. In the PPPOE mode the adsl device becomes a router - a distinct network device with many features enabled. In this mode the username password is stored in the modem which will dial to the isp and establish the internet connectivity. The computers will just connect to this router who would be their primary gateway. Now this is the mode where the risk exists.
If remote administration is enabled the remote users from the internet can login to this modems administration panel. Now the main problem is the default admin username-password which most users dont change due to ignorance. 'admin-admin' is pair that works in most cases giving you full access to the modems internals. What follows next is simple as drinking a glass of orange juice. Many users install firewalls and think they are safe, but they fail to understand that the firewall protects their PC not the 'router' since the topology is like (PC) - Router - Internet How to secure your bsnl broadband connection 1. Use RFC Bridged mode if it is sufficient for you. Change the default admin password of your adsl router/modem.
This way even if your modem is discovered by hackers, they shall not be able to login into it. Disable wan ping reply.
( this will prevent the hackers from directly discovering your pc when it is on the internet) 4. Disable remote configuration feature and remote logins of all kinds. Check your broadband usage on a regular basis and compare it with your own surfing schedules to check whether someone else has used it or not. If suspiscious usage is indicated then immediately change your broadband password as well. Spread the security awareness to your friends and other relatives who are using Bsnl broadband and encourage them to secure their internet connectivity.
Update - Bsnl has implemented a technique called Port Binding, which will bind a particular username to its phone number. Then that username will only work via that phone number. Hence the above hacking method will become ineffective. Port Binding is slowly being implemented by Bsnl over all cities and soon would cover the whole Broadband network across the country, making it more secure. Disclaimer: The information provided below is for educational purpose only.
The author is not responsible for any misuse of the information and discourages any illegal use of it. Sachin Naik useless and scrappy s.!!! This is of no use, this will help you fools in only knowing the usernames and passwords of other users and not connecting through their accounts for that u need to steal even the landline now if you see me i disclose my username and password to my friends openly and my password is my telephone number itself, my username is arif72 and password is 2521088 now try to connect through my account if you can bsnl has never warned us to hide our usernames and passwords this simply a WASTE OF TIME.