What is this guide for:
Mini-guide to achieve self-reliance and acquiring virgin proxies which you can use for your own (educational) purposes.
Who is this guide written for:
I bet you lads are already sitting on thousands of proxies. But sometimes you need a "special" proxy. Incompetent users usually don't bother changing passwords on their devices. You can use this by creating a tunnel which is used exclusively by you. These type of obscured tunnels are often under the radar and thus safe for i.e hacking purposes. Persistent usage of this trick might lead to a pristine list which you can use for proxychains or MBA sentry.Old dogs gotta learn new tricks, right?
Here is what you need to do:
Execute Shodan query : WWW-Authenticate: Basic realm="UBNT"
http://anony.ws/image/DB63
You will see IP-results, try a couple of 'em out through HTTP. Till you get one working with the following default creds:
username: ubnt
Password: ubnt
Obviously, there are many variations or standard makes you can search for. I'm using this particular brand due to the fact that they often leave SSH enabled. easy peazy.
In page 2 or so, I found a working router. Versions differ, so frontpages may differ. In this case, the one I found looks like this:
http://anony.ws/image/DB6I
Log in, check settings, make sure logging is disabled. Alternatively, you can remove any logs by logging in through SSH(after making sure it is enabled). Another alternative is to reset the router.
Make sure the router you are logged in to is not linked to any expensive Cisco Nexus device or something like that. If you suspect high capital in the one you are in, you are putting yourself on the radar as it is most likely company equipment. Make sure it's those sleazy cheap boxes that no one ever bothers logging into.
Linux users ->
# apt-get install ssh
# ssh -D 1337 ubnt@[IP_ADDRESS]
(Green is a variable, put the Ip of the targeted router in it. ubnt is a variable too, in this case, it is the username.)
Windows users->
Install Putty
Page: SESSION
Enter Hostname: [IP_ADDRESS]
Port: 22(or whatever the port is for that router, check http config page)
http://anony.ws/image/DB6v
Page: CONNECTION/SSH/TUNNELS
Source port: 1337
Destination toggle: Dynamic
http://anony.ws/image/DB6C
Time to make the magic happen
Ok, now that we have everything. We will open up the tunnel. This may take a while, you will see a green cursor thing. Eventually, you will see a prompt saying:
# Login as:
Here, we enter the username: ubnt
Now it asks us for the password, enter password: ubnt
Congratulations, you now have a terminal available.
You could daisy-chain another connection from this vector. For easy-peazy purposes, we will just go ahead and fire up our browser. Make sure you get a proxy-add on like Foxyproxy or Proxy-selector. Enter localhost details and portnumber 1337. This is a SOCKS proxy so make sure you select that.
Check ip address. Done.
http://anony.ws/image/DB6l
I just used Linux because it's way easier and convenient. Thanks for reading!
Note: This guide is for educational purposes only. I don't claim any responsibility for your actions nor do I encourage any actions that are against the law.
Mini-guide to achieve self-reliance and acquiring virgin proxies which you can use for your own (educational) purposes.
Who is this guide written for:
I bet you lads are already sitting on thousands of proxies. But sometimes you need a "special" proxy. Incompetent users usually don't bother changing passwords on their devices. You can use this by creating a tunnel which is used exclusively by you. These type of obscured tunnels are often under the radar and thus safe for i.e hacking purposes. Persistent usage of this trick might lead to a pristine list which you can use for proxychains or MBA sentry.Old dogs gotta learn new tricks, right?
Here is what you need to do:
Execute Shodan query : WWW-Authenticate: Basic realm="UBNT"
http://anony.ws/image/DB63
You will see IP-results, try a couple of 'em out through HTTP. Till you get one working with the following default creds:
username: ubnt
Password: ubnt
Obviously, there are many variations or standard makes you can search for. I'm using this particular brand due to the fact that they often leave SSH enabled. easy peazy.
In page 2 or so, I found a working router. Versions differ, so frontpages may differ. In this case, the one I found looks like this:
http://anony.ws/image/DB6I
Log in, check settings, make sure logging is disabled. Alternatively, you can remove any logs by logging in through SSH(after making sure it is enabled). Another alternative is to reset the router.
Make sure the router you are logged in to is not linked to any expensive Cisco Nexus device or something like that. If you suspect high capital in the one you are in, you are putting yourself on the radar as it is most likely company equipment. Make sure it's those sleazy cheap boxes that no one ever bothers logging into.
Linux users ->
# apt-get install ssh
# ssh -D 1337 ubnt@[IP_ADDRESS]
(Green is a variable, put the Ip of the targeted router in it. ubnt is a variable too, in this case, it is the username.)
Windows users->
Install Putty
Page: SESSION
Enter Hostname: [IP_ADDRESS]
Port: 22(or whatever the port is for that router, check http config page)
http://anony.ws/image/DB6v
Page: CONNECTION/SSH/TUNNELS
Source port: 1337
Destination toggle: Dynamic
http://anony.ws/image/DB6C
Time to make the magic happen
Ok, now that we have everything. We will open up the tunnel. This may take a while, you will see a green cursor thing. Eventually, you will see a prompt saying:
# Login as:
Here, we enter the username: ubnt
Now it asks us for the password, enter password: ubnt
Congratulations, you now have a terminal available.
You could daisy-chain another connection from this vector. For easy-peazy purposes, we will just go ahead and fire up our browser. Make sure you get a proxy-add on like Foxyproxy or Proxy-selector. Enter localhost details and portnumber 1337. This is a SOCKS proxy so make sure you select that.
Check ip address. Done.
http://anony.ws/image/DB6l
I just used Linux because it's way easier and convenient. Thanks for reading!
Note: This guide is for educational purposes only. I don't claim any responsibility for your actions nor do I encourage any actions that are against the law.