Recovering router password using Burp Suite dictionary attack

Categories Backtrack, Blackbuntu, Kali, Linux, Windows

Few weeks ago, during cleaning up, I found an old access point/router. I wanted to attach it to my network and do some tests, but I did not remember the password for configuring it through its web access page. I knew it had to be some default user/password but I did not succeed in my tries. I thought it was the right time to prepare a small dictionary attack. There are many powerful tools for this task but I used “Burp Suite” because I love it and I try to use it whenever I can. Furthermore is a perfect tool for understanding what happen behind the scenes during these kind of attacks.

I made the following video trying to explain this process. I hope you find it helpful.

If you want you can download the ‘combinator’ script used in the video ->  combinator.rb (184 downloads) .



Blackbuntu: Failed to fetch…

Categories Blackbuntu

If you’re using Blackbuntu nowadays you might have found the following error lines when you execute apt-get update:

W: Failed to fetch 404 Not Found

W: Failed to fetch 404 Not Found

The thing is that maverick is not longer supported in the tor’s repositories and it’s been replaced by lucid. So we have to do the same in order to fix it:

nano /etc/apt/sources.list

Now go to the TOR repositories section and replace the following lines:

# Tor Project
deb-src maverick main
deb experimental-maverick main

with these lines:

# Tor Project
deb-src lucid main
deb experimental-lucid main

Now finally execute:

apt-get update
apt-get upgrade