can a router be hacked from across the internet? what are possible ways it can be hacked?

networking wireless-networking router security
17,605

There are actually 2 separate questions here, as well as a third possibility which should be considered -

  1. Can your router be hacked across the Internet.

Depending on the router, this is possible - there are numerous routers which have back doors to allow them to be remotely accessed - in some cases its built in by service providers to allow them to upgrade routers, in others its negligent system build by the router manufacturers and in others its routers which have been compromised by 3 letter agencies. As a rule of thumb, if you have a router provided by your ISP or running default firmware you should consider it suspect. Routers running custom firmware (like DD-wrt) are less likely to be compromised, but this is not impossible.

  1. How did my password land up in a dictionary

Its impossible to answer this definitively, however it is possible that

  • your password is not as complex as you think it is and was in a local dictionary, or
  • it was, in fact not in a local dictionary - rather some traffic was sniffed and the data was sent to an off-site system to be analyzed against a huge dictionary - these definately exist,
  • The wireless encryption standard you are using was broken, and the password was decrypted because the encryption was broken rather then the password (WEP is very broken, other standards to a greater or lesser degree)

  • Your router password may not have been arbitrary - it may have been a derivative of the mac address or some other formula created by the router manufacturer which was in use and was reverse engineered.

    1. The option you have not considered - That one of the DEVICES you use was compromised (for example through malware), and the password got out that way. (For that matter, it could have been a friend who used your WIFI's device) This is, IMHO, somewhat unlikely because it does not explain how the data got into the password list, but it is a more likely attack vector then the router having been compromised.
Share:
17,605

Related videos on Youtube

user712843
Author by

user712843

Updated on September 18, 2022

Comments

  • user712843
    user712843 over 1 year

    I hope it is OK to post here, please correct me if I am in the wrong spot.

    I am attempting to learn more about information security. So just as an experiment I downloaded Kali Linux and a large dictionary of passwords gathered from several leaks, etc. and I used aircrack-ng to see if I could get into my wireless network.

    To my surprise (horror?) my wifi password must have been in the dictionary and it was very easy to hack.

    My wifi password is admittedly, not very secure but very arbitrary. So I am having a hard time believing anyone else would have had that password, which is making me wonder if I had been hacked at some point.

    This is where I lack understanding. I only ever used this password for my wireless network.

    Here is my question, is there any way that a router could be hacked from across the internet if someone had my IP address? Or would someone literally have to sit outside my house and try to hack into my network? I did have a port open for a multiplayer game if that makes a difference, I understand that can be a security risk, but apart from that, don't know much more.

    thanks for any explanation.

    • Ramhound
      Ramhound about 7 years
      You cannot hack wireless network if your not close enough to connect but you can hack the router if it's configured so you can remotely configure it. Just disable that option, and unless it has a hidden capability (this does exist in older hardware) you are safe. Of course you should use a secure enough password to the administrator account that's used to configure it also.
    • Vomit IT - Chunky Mess Style
      Vomit IT - Chunky Mess Style about 7 years
      As for can a router be hacked from across the internet? what are possible ways it can be hacked?... if your router's web management interface e.g. TCP 443 or 80 is accessible from the WAN side then a simple brute for from there would be possible. Change your default password to the management interface and be sure to configure your settings to lock down the management ports from router's WAN or untrusted interfaces and test to confirm as such.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Someone keeps hacking my wifi router
Router Intrusion in firewall's log
iPhone won't connect to home wireless network - but laptop will?
ASUS router EA-N66R has different subnet mask than laptop
My router shows two IP addresses for my son's lap top
VPN Issue - successful connection through mobile (iPhone Hotspot) but unsuccessful through home WIFI
Laptop won't work with WPA encryption
TP-Link router sometimes fails to negotiate proper IP address
Configuring a Wired Access Point - Linksys WRT54G
Asus Router RT- N12 D1 not connecting with pppoe