Every router comes with a username and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default username and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default usernames and passwords. Here is how you can do it.

Before you proceed, you need the following tool in the process

Angry IP Scanner

Here is a detailed information on how to exploit the vulnerability of an ADSL router.

Step-1: Go to www.whatismyipaddress.com. Once the page is loaded you will find your IP address. Note it down.

Step-2: Open Angry IP Scanner, here you will see an option called IP Range: where you need to enter the range of IP address to scan for.

Step-3: Go to Tools->Preferences and select the Ports tab. Under Port selection enter 80 (we need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open ports only” and click on OK.

Step-4: Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image.

Step-5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username-password pair will be admin-admin or admin-password.

Just enter the username-password as specified above and hit enter. If you are lucky you should gain access to the router settings page where you can modify any of the router settings. The settings page can vary from router to router. A sample router settings page is shown below.

If you do not succeed to gain access, select another IP from the list and repeat the step-5. Atleast 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.

What can an Attacker do by Gaining Access to the Router Settings?

By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or play any kind of prank with the router settings. So the victim has to reconfigure the router in order to bring it back to action.

The Verdict:

If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. Who knows, you may be the next victim of such an attack. 

Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.

Just go to http://www.ip2location.com/demo.aspx and enter the IP address that you want to trace in the dialog box and click on “Find Location”‘. With just a click of a button you can find the following information for any given IP address.

1. Country in which the IP is located

2. Region

3. City

4. Latitude/Longitude

5. Zip Code

6. Time Zone

7. Name of the ISP

8. Internet Speed

9. Weather Station

10. Area Code and

11. Domain name associated with the IP address.

A sample snapshot of the results from ip2location.com is given below

You can also visually trace route any IP address back to it’s location. For this just visit http://www.yougetsignal.com/tools/visual-tracert/ and enter the IP you want to trace in the dialog box and hit the “Proxy Trace” button. Wait for few seconds and the visual trace route tool displays the path Internet packets traverse to reach a specified destination. Hope this helps. Please pass you comments.

I have created a PHP script to make it easier for you to find the IP address of the remote computer of your choice. Here is a step-by-step process to find out the IP address.

1. Download the IP Finder script (IP_Finder.ZIP) that I have created.

2. Open a new account in X10Hosting (or any free host that supports PHP).

3. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.

4. You can rename the ip.php to any name of your choice.

5. Set the permission to 777 on ip_log.txt.

Now you are all set to find the IP address of your friend or any remote computer of your choice. All you have to do is send the link of ip.php to your friend or the person with whom you’re chatting. Once the person click’s on the link, his/her IP address is recorded in the file ip_log.txt.

For your better understanding let’s take up the following example.

Suppose you open a new account in X10hosting.com with the subdomain as abc, then your IP Finder link would be

You have to send the above link to you friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.

To find the recorded IP address check the logs using the following link.

The sample log will be in the following format

79.92.144.237 Thursday 07th of May 2009 05:31:27 PM
59.45.144.237 Thursday 07th of May 2009 05:31:28 PM
123.92.144.237 Thursday 07th of May 2009 05:31:31 PM

NOTE: You have to replace abc with your subdomain name. 

I hope this helps. Express your opinion and suggestions through comments.

Most of us are very curious to know a method to send anonymous emails to our friends for fun. But the question is, is it possible to send anonymous emails in spite of the advanced spam filtering technology adopted by email service provides like Gmail, Yahoo etc? The answer is YES, it is still possible to bypass their spam filters and send anonymous emails to your friends. For example, you can send an email to your friend with the following sender details.

The art of sending this kind emails is known as Email Spoofing. In my previous post on How to Send Fake Email I insisted on using your own SMTP server to send anonymous emails. This method used to work successfully in the past, but today it has a very low success rate since Gmail and Yahoo(all major email service providers) blocks the emails that are sent directly from a PC. In this post I have come up with a new way to send anonymous emails (spoofed emails) that has 100% success rate. If you have to successfully send an anonymous email or spoofed email, you should send it using a relay server.

What is a Relay Server?

In simple words, a relay server is an SMTP Server that is trusted by Google or Yahoo as an authorised sender of the email. So, when you send an email using a relay server, the email service providers like Yahoo and Gmail blindly accept the emails and deliver it to the inbox of the recipient. If the SMTP server is not authorised, Google and Yahoo will reject all the emails sent from this SMTP server. This is the reason for which using our own SMTP server to send emails fail. 

So What’s Next?

Now all we have to do is, find a trusted SMTP server to Send Spoofed Emails. Usually all the emails that are sent from web hosting providers are trusted and authorised. So, you have to find a free web hosting provider that allows you to send emails. But, most of the free Web Hosts disable the Mail feature and do not allow the users to send emails. This is done just to avoid spamming. However all the paid hosting plans allow you to send any number of emails. Once you find a hosting service that allows to send emails from their servers, it’s just a cakewalk to send anonymous emails. All we have to do is just modify the email headers to insert the spoofed From address field into it.

I have created a PHP script that allows you to send emails from any name and email address of your choice. Here is a step-by-step procedure to setup your own Anonymous Email Sender Script

1. Goto X10 Hosting  and register a new account.

2. Download my Anonymous Email Sender Script (sendmail.rar).

3. Login to your FreeWebHostingArea Account and click on File Manager.

4. Upload the sendmail.php, pngimg.php and bg1.PNG files to the server.

5. Set permissions for sendmail.php, pngimg.php and bg1.PNG to 777.

6. Now type the following URL

7. Use the script to send Anonymous Emails. Enjoy!!!

Tell me whether it worked or not. Please pass your comments…

• A potential target computer runs many ‘services’ that listen at ‘well-known’ ‘ports’.
• By scanning which ports are available on the victim, the hacker finds potential vulnerabilities that can be exploited.
• Scan techniques can be differentiated broadly into Vanilla, Strobe, Stealth, FTP Bounce, Fragmented Packets, Sweep and UDP Scans.

Port Scanning Techniques

 
Port Scanning Techniques can be broadly classified into:

• Open scan
• Half- open scan
• Stealth scan
• Sweeps
• Misc

Commonly used tools for port scanning

1. Tool: SuperScan 3.0

2. Tool: NMap (Network Mapper)

3. Tool: NetScan Tools Pro 2003

4. Tool: ipEye, IPSecScan

• As firewall, a proxy protects the local network from outside access.
• As IP-addresses multiplexer, a proxy allows to connect a number of computers to Internet when having only one IP-address.
• Proxy servers can be used (to some extent) to anonymize web surfing.
• Specialized proxy servers can filter out unwanted content, such as ads or ‘unsuitable’ material.
• Proxy servers can afford some protection against hacking attacks.

Anonymizers

• Anonymizers are services that help make your own web surfing anonymous.
• The first anonymizer developed was Anonymizer.com, created in 1997 by Lance Cottrell.
• An anonymizer removes all the identifying information from a user’s computers while the user surfs the Internet, thereby ensuring the privacy of the user.

Its Real,On February 6th, 2000, Yahoo portal was shut down for 3 hours. Then retailer Buy.com Inc. (BUYX) was hit the next day, hours after going public. By that evening, eBay (EBAY), Amazon.com (AMZN), and CNN (TWX) had gone dark. And in the morning, the mayhem continued with online broker E*Trade (EGRP) and others having traffic to their sites virtually choked off.

• A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.
• If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack.

Types of denial of service attacks

There are several general categories of DoS attacks.Popularly, the attacks are divided into three classes:

• bandwidth attacks,
• protocol attacks, and
• logic attacks
  

What is Distributed Denial of Service Attack?

• An attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.
• This makes it difficult to detect because attacks originate from several IP addresses.
• If a single IP address is attacking a company, it can block that address at its firewall. If it is 30000 this is extremely difficult.

Moreover if the matter is highly confidential, then it is necessary to have a totally private chat where the messages are exchanged only between the people involved in the chat and not with any other third party servers. At these situations, it is better to chat without Yahoo messenger.

So, how to carry out a private chat without Yahoo messenger or Gtalk?

For this purpose there exists many softwares that support’s you to host a web-based chat system without any additional software or services. So with these softwares the exchange of messages takes place directly between the two persons engaging in the chat and will not pass through any other third party server. This ensures 100% privacy and eliminates the desperate need to chat with Yahoo messenger.

One of my favorite program for private chat is Easy Chat Server

Easy Chat Server is a Windows program that allows you to host a web-based chat system without any additional software or services. Unlike other chat server, you do not need to install Java. It allows you to build one or more web-based chat rooms on your machine, and provides advanced chat functionalities aiming to offer discussion space for your users, customers and partners.

Here are some of the screenshots of Easy Chat Server.

 
Key Features of Easy Chat Server:

• Easy to use, Simple installation that will have you up and running in minutes.
• 128-Bit Security Socket Layer(SSL) support. Support for server level certificate creation.
• Instantly runs a complete chat server on your PCs – does not need to install any Web Server.
• Supports full private messaging and One to One private chat.
• Support of images, smileys, avatar icons.
• Full chat and access logs are available within the chat server.
• Have a built-in IP Filter, supports banning/unbanning IP address, securely.
• Multiple styles available for the user to customize rooms.
• Unlimited rooms and users, no any annual, per-user, or maintenance fees.
• No spyware, adware or other unwanted extra programs.

Here in this post I will try to give you every possible information to hide the IP address. If you seriously want to hide your IP address then this post is for you!

One of the most frequently asked questions by the internet users is How To Hide IP Address ?. Many times it becomes necessary to hide the real IP address for the sake of privacy. For this, I have tried many softwares, proxy servers and many such tools that guaranteed to hide my IP address.But still none of them worked for me. I think most of you have the same experience. Are you fed up with these dummy softwares that fails to hide the real IP address? Then is there any working way to hide the IP address?

YES, you can definitely hide your IP

Now I’ll come to the heart of the post, which contains the answer to your curious question How to Hide the IP address ? The only solution to hide your IP address is by using a Proxy Server. But Wait! The story doesn’t end here. Even though proxy servers are the only way to hide your IP address, there are several ways of connecting your PC to the proxy server. Before setting up the connection with the proxy servers you must know some information about different types of proxy servers and their uses.

1. Transparent Proxy Server
This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used to speedup the web browsing since thay have a very good ability to cache websites. But they do not conceal the IP of it’s users. It is widely known as transparent proxy because it will expose your real IP address to the web. This type of proxy server does not hide your IP address.

2. Anonymous Proxy Server
This type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users. This type of proxy server will hide your IP address.

3. Distorting Proxy Server
This type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers. This type of proxy server will hide your IP address.

4. High Anonymity Proxy Server (Elite Proxy)
This type of proxy server does not identify itself as a proxy server and does not make available the original IP address. This type of proxy server will hide your IP address.So this is the best way to mask your IP.

Which Proxy Server is the best to Hide My IP ?

I know, you can answer this question better than me.Obviously High Anonymity Proxy or Elite Proxy is the best to hide your IP. But it’s not easy to get a list of working elite proxies. If you search the Google, you will definitely get tons of proxy list. You’ll get a list of proxies in the following format

Eg: 221.90.45.67:8080 (221.90.45.67 is the IP of the proxy server and 8080 is the port number)
But most of them don’t work. Here are some of the problems/risks associated with using free proxies that are available on the internet.

• Most of them do not work since the proxy servers frequently changes it’s IP/Port number.
• Even if you find a working proxy server it may be too slow.
• Your privacy is not guaranteed since all your traffic is routed through the proxy server.
• The administrators of the proxy servers may steal your valuable information such as passwords, SSN (Social security number), Credit Card details etc.

So with all these being the risks then how to find a working, fast ,highly anonymous and secured Proxy servers?

Now I will give a list of softwares that will really hide your IP address. I have tried many such softwares and have found only few of them working perfectly. Here is a list of working IP Hiding softwares that you can try. I have listed them in the order of their popularity

1. Hide The IP

Let’s you choose the country, type and speed of the proxy. Not so popular but personally I recommend this to the users.

2. Hide My IP

3. Hide IP NG

You can get more informations about these products on their respective homepages.

How to ensure that the IP is hidden ?

Before you hide your IP you can check your real IP by visiting the following site.

WhatIsMyIPAddress.Com

Once you get your real IP, switch on your IP hiding software. Now once again visit the above site and check your IP address. If you see a new IP then this means that your software is doing the right job. Also the above site(Whatismyipaddress.com) is capable of detecting many proxies. If you see the words such as “suspected proxy server or network sharing device” or similar words then it means that the proxy you are using is not an Elite Proxy.

One Final Word before you leave! Even though Elite proxies are almost undetectable this doesn’t mean that you can escape from online crimes by hiding your IP. There are many proxy detecting services available which detect almost any proxy. So if you involve in any cyber crimes then you will definitely be behind the bars. Using proxy will not help you in this case.

One More thing, it is unsafe to use proxy during e-commerce transactions such as Online banking, Online Credit Card payment etc. So please avoid proxies during these circumstances.

While you are chatting via yahoo messenger the communication between you and the person you want to hack, takes place indirectly via Yahoo server and not directly. It is not possible to hack Yahoo messenger directly to get the IP address. So to hack his IP, you must establish a direct communication with him. So ,how to do this? It’s easy. Just start chatting with some one via Yahoo messenger. During the process of chatting send him a big file. Now the file transfer takes place directly between your computer and the victim’s computer(via yahoo messenger application). So now, you are ready to go. Here’s the step-by-step process to hack Yahoo messenger and get the IP address of the person .

• Goto the COMMAND PROMPT (START>>>RUN>>>Type CMD).
• Here Type “netstat -n” (without quotes).

• The pic given below shows netstat results of my computer. I was not chatting when i took this pic and hence it looks modified.

• Here local address is your own IP and the foreign address is the IP address of the recipient with whom you are connected via yahoo messenger (There may be multiple recipients and hence multiple foreign addresses).
• Now send him the file.
• Check the output by typing the command “netstat -n” (without quotes).
• Assume the output is something like this.

Here 124.55.23.11 is the IP address of the person with whom you are chatting and 1246 is the port number where connection is established. That’s It! You have now hacked Yahoo messenger to get his IP address.

Once you hack Yahoo messenger and get his IP address you can use any of the Remote Administration tools or perform NETBIOS HACKING.