Android Linksys Guest Hack

Discussion in 'Mobile Software' started by scorpius, 19 Jul 2014.

  1. scorpius

    scorpius Well-Known Member

    Joined:
    12 Jul 2012
    Messages:
    32
    Likes Received:
    22
    This tiny (51KB) app finds the guest network's default password for almost any Linksys E-series router!

    The guest network is usually a combination of a color and animal name with the string "-guest" appended.
    An example is: YellowZebra-guest.

    If you have a linksys router with a guest network, give it a try. Just connect to the guest network, and run the app. It will take a few minutes at the most to find the password.

    This is my first android app, and I have no prior experience with mobile apps, so give me some feedback. And it's also the first "vulnerability" that I discovered. :)
     

    Attached Files:

    • Like x 3
    • Laugh My Ass Off x 2
    • Crap x 2
    • Winner x 1
    • Funny x 1
  2. maripuri

    maripuri Well-Known Member
    VIP

    Joined:
    18 Apr 2013
    Messages:
    16
    Likes Received:
    14
    Very nice..
     
    • How? How? x 1
  3. Biolog

    Biolog Active Member

    Joined:
    3 Aug 2013
    Messages:
    2
    Likes Received:
    0
    You did an excellent job. I wish my first 'Droid platform package had come out half as polished or functional. Your tool helps legitimate pentesters demonstrate multiple common vulnerabilities, beyond just this router. (Like plaintext password files, directory transversal, guest network insecurity, how bruteforcing works, etc).

    I hope you'll update it with a non-time-destructing version.

    In terms of constructive feedback:
    1) thanks for helping make the xiopan community better and sharing the tool w/ us.

    2) an easy and useful update would he to make the display text selectable.

    3) I like the credentials caching you put in, but I would rename that tab something other than "stats". I originally just stumbled onto it.

    4) the droid api letting you implement rotation is easy. Letting the app rotate horizontally would be nice, and will also keep it from crashing on some rooted devices that freakout when an app won't run in landscape.

    5) aesthetically, I like the bare-bones console feel. But the off-white text with the slight shadow effect is blurry on big non-retina screens. I'd suggest a pure 000 white, no shadowing, and to go with suggestion #2, a clean universally supported mono space font, probably Droid Sans Mono or Droid Sans Mono Bold.

    6). I'd highly recommend you add a legal tab to protect yourself and/or your intellectual property. I'm NOT giving you any legal advice here, but a disclaimer like this one could possibly be adapted:
    http://goes.gsfc.nasa.gov/text/disclaimer.html

    And a pentester disclaimer might be like sqlmap's, for example:
    http://sourceforge.net/p/sqlmap/mailman/message/27570843/

    Finally, a really easy and fantastic source for copyright options is creative commons:
    http://creativecommons.org/choose/


    Congrats again on your first app! I truly hope it is the first of many.
     
  4. scorpius

    scorpius Well-Known Member

    Joined:
    12 Jul 2012
    Messages:
    32
    Likes Received:
    22
    Thanks for the feedback and suggestions.

    I've made a few minor changes and have an update here: LinksysGuestHackBeta.zip

    It expires on Sept 1st because I still want more feedback from others. And I want to know if it works for your router. If it does please post the router model, and if it doesn't work, please post a tcpdump so I can debug it.
     
  5. chris1379

    chris1379 Member

    Joined:
    31 Jan 2015
    Messages:
    5
    Likes Received:
    0
    Is there a working version now? I wanted to try it but this version is expired.
     
  6. scorpius

    scorpius Well-Known Member

    Joined:
    12 Jul 2012
    Messages:
    32
    Likes Received:
    22
    I haven't worked on it in a while. But if there's interest, I may upload a new version.
     
    • Agree Agree x 1
    • How? How? x 1
  7. Anas

    Anas Active Member

    Joined:
    8 Jun 2012
    Messages:
    21
    Likes Received:
    1
    please update the application, i want to try it
     
    • Agree Agree x 1
  8. wrecknoble

    wrecknoble New Member

    Joined:
    3 Mar 2015
    Messages:
    1
    Likes Received:
    0
    I'd like to try it as well so I can determine how secure my guest WiFi access is. I might end up disabling it completely if the password is easy to break.
     
    • Agree Agree x 1
    • WTF? WTF? x 1
  9. scorpius

    scorpius Well-Known Member

    Joined:
    12 Jul 2012
    Messages:
    32
    Likes Received:
    22
    Sorry for the delay. Here is an updated version that has better support for hdpi screens, and also executes faster on the latest android builds: Linksys-Guest-Hack.apk

    Remember this app does not require root, is only around 50KB, and has no ads. Let me know if it works for you.
     
    • Like Like x 1
    • Friendly Friendly x 1
    • Funny Funny x 1
    • How? How? x 1
  10. chubcha

    chubcha New Member

    Joined:
    5 May 2015
    Messages:
    1
    Likes Received:
    2
    --- Double Post Merged, 5 May 2015, Original Post Date: 5 May 2015 ---
    I just installed the apk from your March 15th post but the beta has expired May 1st. Greatly appreciate link to non-beta or non-expired version. Thanks again for the hard work.
     
    • Ok Ok x 1
  11. Dazem

    Dazem New Member

    Joined:
    7 May 2015
    Messages:
    1
    Likes Received:
    0
    second chubcha's request, would love a link to a non-beta/renewed beta version, thank you! :)
     
    • Crap Crap x 1
  12. ImVanilla

    ImVanilla New Member

    Joined:
    6 Jun 2015
    Messages:
    1
    Likes Received:
    0
    I would like to try it, too! Thanks in advance.
     
  13. menlg21p

    menlg21p Well-Known Member

    Joined:
    8 Jun 2015
    Messages:
    1
    Likes Received:
    1
    Me too plz, I will give feedback.
     
    • Like Like x 1
    • Winner Winner x 1
  14. scorpius

    scorpius Well-Known Member

    Joined:
    12 Jul 2012
    Messages:
    32
    Likes Received:
    22
    OK, here's an update for you guys. The link is the same.
    md5sum: 64e9e06ace281958dfa76501787e110a
    sha1sum: 732781f4d6fe4fd61b620f2697b16fb90a33e0b5
     
    • Like Like x 1
    • Informative Informative x 1
  15. niconosabe

    niconosabe New Member

    Joined:
    23 Jun 2015
    Messages:
    1
    Likes Received:
    0
    • Agree Agree x 1
    • Ok Ok x 1
    • How? How? x 1
  16. Jerryto00744

    Jerryto00744 Member

    Joined:
    8 Aug 2015
    Messages:
    1
    Likes Received:
    0
    Iam too late?
     
    • Crap Crap x 1
  17. YungDictator

    YungDictator New Member

    Joined:
    12 Aug 2015
    Messages:
    1
    Likes Received:
    0
    Where can I download the new version? I would like to test your app.
     
    • Laugh My Ass Off Laugh My Ass Off x 1
    • Wow Wow x 1
  18. silentghost45

    silentghost45 New Member

    Joined:
    13 Aug 2015
    Messages:
    1
    Likes Received:
    0
    I would like the link to the new version also please.. Thanks
     
  19. cosmorocks

    cosmorocks New Member

    Joined:
    23 Aug 2015
    Messages:
    1
    Likes Received:
    0
    Pls let us test today
     
    • Laugh My Ass Off Laugh My Ass Off x 1
    • Get the Fuck Off Get the Fuck Off x 1
  20. chris1379

    chris1379 Member

    Joined:
    31 Jan 2015
    Messages:
    5
    Likes Received:
    0
    Found out you can set the date back and it works.

    Sent from my SAMSUNG-SGH-I537 using Tapatalk
     
    • Friendly Friendly x 1
Loading...
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.


    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K