This Is How I Hacked My Neighbors Computer
Not only websites and companies get hack, A real life story
Disclaimer: This a person I’m friends with and I'm not telling you how to hack yours
Intro
For some weird reason, I thought my neighbor was a secret service agent, CIA, or something similar. The way he moves, talk and behave just gave me that feeling. One night after seen him go to his garage and stayed there for hours, I knew something strange was going on. I need evidence to back up my claims, and the only thing that came to my mind was to get into his home network.
Set-up
I fired up my computer, pulled out my OS CD collection and installed Kali Linux. Everything was ready, up, and running to start my adventure. Suddenly I noticed that my internet company had a blackout. Now What? Well, I needed an internet connection to Google stuff and analyze any given information.
Accessing a wireless network
Since I didn’t have internet, my first step was to hack into his home Wi-fi. As soon I started gathering information, I noticed his router was using WEP protection.
WEP
WEP (Wired Equivalent Privacy) is a security algorithm for IEEE 802. It was developed with the intention to overcome the data confidentiality issues with the traditional wired connection. It gave better data protection by encrypting the data transmitted to avoid eavesdropping.
WEP authentication works using two methods:
- Open System Authentication (OSA) — OSA helps you gain access to any WEP network as well as receive files that aren’t encrypted
- Shared Key Authentication (SKA) — SKA allows a computer equipped with a wireless modem to gain full access to any WEP network and exchange both encrypted and unencrypted data.
WEP encryption can easily be hack using some simple tools like aircrackng, which is pre-installed in Kali Linux. It is an encryption system that is completely broken now. Using this technique and 1 hour or so later, I found out his Wifi password was maria123456789 😆
Note: For obvious reasons I Didn’t do a step by step on how I got the password
All In
Now my box is part of his home network. I wanted to know how many devices he had. This was done using nmap and the above steps :
$ nmap 192.168.1.* Using * gave me every host, IP, and open ports online and connected to his Network. This also means that any device not connected at the time to his wi-fi was not going to show up in my terminal logs, I needed to go deeper.
Taking a closer look at the logs, I noticed his router had ssh enabled, Knowing he most likely still have admin as an user in his router, in my terminal I ran the following commands:
$ ssh admin@192.168.1.1
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
ECDSA key fingerprint is SHA256:**********************************************.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.1' (ECDSA) to the list of known hosts.
admin@192.168.1.1's password:********************************************
* D-Link *
* *
* WARNING: Authorised Access Only *
********************************************
Welcome
DLINK#
At this point, I was asked to enter a password for admin@192.168.1.1. After years of doing these kinds of stuff, you will know whenever a target is running using their default settings, which can be very helpful whenever you want to break into a network. Do you want to know the password for his router? I Think you guessed it — admin 😐
Next I ran:
********************************************
* D-Link *
* *
* WARNING: Authorised Access Only *
********************************************
WelcomeDLINK# show #press "Enter" twicealg date-time deviceinfo dlna driver-log
dsl dyndns hosts ip nas
phy-interface ppp qos sntp system
upnp version wifi-channel wireless DLINK#
After a few minutes, his router gave me every device info ever connected to that network and much other stuff I needed. Also, I did the same to one of his computers using ssh, and after some hours of search and snooping around, I didn’t find what I was looking for. His search history was mostly about gardening. At this point, I knew this person was clean and that I was just a little too much paranoid.
General types of attacks
- Man-in-the-middle attack : This refers to intercepting the communication between two individuals to steal data.
- Denial of service (DDoS) : To do this, you have to overwhelm the network with traffic. As a result, it cannot fulfill any requests, leaving the system unusable
- Sniffing : It involves intercepting data packets as they are transmitted over a network.
Understanding these attacks will not only help you understand how to hack into a network but also learn cybersecurity. Since he was my neighbor, I reached out to him and told him what I just did. Instead of getting mad, he was astonished to know how I breached his privacy. After a few minutes of talk, he gave me a “Bounty” and asked me to help him secure his network, which I did. And we lived happily ever after.
