11
2007
Hack Bsnl Broadband Accounts
An article by Binary Tides
Disclaimer : The information provided below is for educational purpose only. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Bsnl DataOne Broadband continues to grow as one the most popular broadband services in India with high speed facilities of upto 2 mpbs. But a large number of users of this service are vulnerable to hacker attacks because discovering and hacking the vulnerable victims of this network is shockingly simple. If you are a Bsnl Broadband user then immediately assess the security of your internet connection and take appropriate steps to secure yourself.
First lets see how simple it is to hack bsnl dataone broadband usernames and passwords. For this you shall need a ipscanner tool called Angry IP Scanner http://www.angryziber.com/ipscan/ or anything similar.
Ok so lets begin…
Get your IP from :
www.ipmango.com
Step 1 :
Start Angry IP scanner and goto options > ports. Type in 80 in the first ports textbox and click ok.
Then goto options > options ; in the display section select “only open ports” and click ok&save.
Now on the main screen put in the ip scan range as something 59.*.0.0 – 59.*.255.255 (for e.g. 59.95.2.3) and click the start button. And the list that shall follow next are the victims. In this example we choose the range 59.95.0.0 – 59.95.255.255. You will be surprised at the number of victims you discover.
Step 2 :
Pick the ip-address of any of them and open up your browser and type in http://59.*.*.* (the * should be replaced by the values from the ip you are using. A box will popup asking for username and password. Enter the username : admin and password : admin .There is a high chance that you will be able to login with that username and password.
admin-admin is the default username and password that is set while manufacturing the adsl modem devices.
What follows next is the modem administration panel.
Simply search for the “WAN” option and click it. On the next page you will find the username and password of that user. now right-click on the page and click view source. in Mozilla/Opera This frame -> view frame source
Now in the source code search for this : INPUT TYPE=”PASSWORD”
and the value field of this input element will have the password
if its not there as in case of D-Link DSL 502T ADSL Routers the search for this
input type=”hidden” name=”connection0:pppoe:settings/password” value=”password” id=”uiPostPppoePassword”
and the value field will have the password
Well each steps take less than 1 minute so getting username passwords wont take even 2 minutes and is easier than sending a mail.
And this exposes the weak security of bsnl broadband users.
Well this is not a weakness but more of a mis-configuration which leads to insecurity. If you understand networking then you would probably realise that it was merely logging into the remote administration service of the modem and nothing else. This was not really hacking but a simple search of victims who are absolutely ignorant of their weak security on the internet.
Most routers have an option where remote management can be disabled. In other words, you can only connect to the configuration interface from the internal network, not the WAN(Internet) side. You would definitely want to make sure remote management is not active to protect yourself.
Note : On SmartAX MT880 eventhough Remote Management is disabled , it permits remote logins from over the Internet. So change your mode administration passwords immediately.
The problem is that the professionals at Bsnl are ignorant of such simplicity of networking and unable to advise the users or guide them to take proper security measures leaving their customers and themselves absolutely unsecure.
Now lets check a few more options related to this issue. A bsnl broadband modem can be used in two modes. RFC Bridged mode and pppoe mode.
In the RFC Bridged mode the device behaves like a modem device that is attached to your computer and you use some dialup software to dial into the isp through this modem.This is PPPOE from the PC and the adsl device is a good modem. This mode is safer as the username password are on your pc and nothing is on the modem.
In the PPPOE mode the adsl device becomes a router – a distinct network device with many features enabled. In this mode the username password is stored in the modem which will dial to the isp and establish the internet connectivity. The computers will just connect to this router who would be their primary gateway. Now this is the mode where the risk exists.
If remote administration is enabled the remote users from the internet can login to this modems administration panel. Now the main problem is the default admin username-password which most users dont change due to ignorance. “admin-admin” is pair that works in most cases giving you full access to the modems internals. What follows next is simple as drinking a glass of orange juice.
Many users install firewalls and think they are safe, but they fail to understand that the firewall protects their PC not the “router” since the topology is like
(PC) -> router -> internet
So how should you secure yourself ?
1. Use RFC Bridged mode if it is sufficient for you.
2. Change the default admin password of your modem.
3. Disable wan ping reply . ( this will prevent the hackers from directly discovering your pc when it is on the internet)
4. Disable remote configuration feature.
5. Check your broadband usage on a regular basis and compare it with your own surfing schedules to check whether someone else has used it or not. If suspiscious usage is indicated then immediately change your bband password as well. Or a better suggestion would be to change broadband passwords on a regular basis.
Try to spread the security awareness to your friends and other relatives who are using Bsnl broadband and encourage them to secure their internet connectivity.
Disclaimer : The information provided above is for educational purpose only. The main purpose of the author is to spread awareness amongst users. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Update – 09-11-2011
Bsnl has implemented a technique called Port Binding, which will bind a particular username to its phone number. Then that username will only work via that phone number. Hence the above hacking method will become ineffective.
Port Binding is slowly being implemented by Bsnl over all cities and soon would cover the whole Broadband network across the country, making it more secure.
Popularity: 100% [?]
Subscribe
Recent Posts
- Compile wxwebconnect on Ubuntu 11.04 64 bit
- Disqus Comments Importer Script in PHP
- Beginners’ guide to socket programming with winsock
- Handle multiple socket connections with fd_set and select on Linux
- Beginners guide to socket programming in C on Linux
- Gui whois client in python with wxpython
- Whois client code in C with Linux sockets
- str_replace for C
- Easy to use C/C++ IDE for Ubuntu Linux
- Get local ip in C on linux
after scanning from port scanner found that all the ports are dead….plzzz tell any other port range which workzz…!!!!!!!
hello
anyone got a way to use bsnl id and password on 117 ip series?
If anyone facing a problem to conect bsnlbroadband , so plz contact to me i will explain how can u access fast and free internet . and never u will face 691 error . my mail id is gauravshukla39@gmail.com
I WANNA INCREASE MY BSNL DOWNLOAD SPEED…CAN ANY ONE SAY ME THE SOLLUTION FOR IT…IM USING BSNL BROADBAND 512 KBPS PLAN….M DOWNLOAD SPEED IS ONLY 48-58KBPS…THNKS IN ADVNCE…PLZ POST TRICKS 2 MY ID..karam.chand143@gmail.com
ur plan is 512 kbps not 512KBPS.AND ur speed is 66KBPS.SO ITS suffecient because KBPS =KILO BYTES PER SEC AND kbps=kilo bites per sec.and 1byte =8bits so 66KBPS*8=528kbps so its right speed which u hav……………………………hav a nic day
I am the BSNL CEO.Now we have implemented port binding.You cannot hack BSNL.TRY and hack us :)
Please. Someone tell me how to use this passwords and userids. When i try to login it shows error 691. Please help me as fast as you can. Thanx again
you get error 691 because port binding has been implemented and now a username will work only from the phone number/line to which it is allotted.
i hve user name and password , and i was create a new connection but it show error 691 so please help me
thhhhhhhhhhhhhhhhhhnxxxxxxxxxxxxxxxxxxxxx.
I get connected by this method once but the victim know this and change password i get new password but now i can’t connect . Even i know other few users id and password but no any one work by this method
useless and scrappy s*** !!!
this is of no use, this will help you fools in only knowing the usernames and passwords of other users and not connecting through their accounts
for that u need to steal even the landline
now if you see me i disclose my username and password to my friends openly and my password is my telephone number itself,
my username is arif72 and password is 2521088 now try to connect through my account if you can
bsnl has never warned us to hide our usernames and passwords
this simply a WASTE OF TIME
I know the login id and password of my own broad band connection but I want to use this connection from somewhere else through another connection modem, is it allow to connect me from my own connection. If yes tell me how. My email id sskalvi@live.com
Hello friends!!!
Please tell me whether the router is honeypot or not!!!
don’t even try any userid even if u get connected because its traceable that which userid is being used at which phone no and take it 4 sure that u will be caught and will be dealt under the law of cybercrime!!!!!!!!!!
Nothing of these will work. BSNL is no more a fool.
yes , they implemented port binding.
sir ,
plz send me some working usernames& passwords
Please send me working user names & Passwords
God Bless you
bro my download speed iz only 25-28 kbps plz send me a working username and password…arnabd507@yahoo.com!
i have a wifi modem, is this trick applicable to wifi modems? and please tell how to hack my own userid and password of ADSL router. mail me at pavang254@gmail.com, please somebody reply me soon. Thank you
this will work with any router whose port 80 is accessible.
YAAR I HAVE GOT THE USER NAME AND PASSWORDS BUT WHEN I CONNECT BY USING THEM IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
hey guys everything is bogus now.nothing is working.. you can get tons of id and password using above tricks,but not a single one will work.Every time it will show you 691 error message..
Guys i have found a way to hack into broadband again and also i can tell u how to get free internet on 3g , just send me your emails here and i will send u the procedure , remember the data cannot be posted here or bsnl will know about it and stop it
go here and send you email
http://bit.ly/aoOPmh
u know, u guys suck… u want to hack another persons account, and leave those poor people prey??? u dont even pay for ur software or movies, and now, want to shun away from even paying for ur own internet??? u guys seriously suck…
When put the ip address it shows the page is not available. I tried many IPs. Please help me. I also put the scan range 59.95.0.0 – 59.95.255.255. No IP opens.
use angry ip scanner for this trick…its faster that most others
hi I am jagan i am having many usernames and passwords but how can we use those????
please help me,,,,,,,,,,,,,
send to my id jaganathan15btech@yahoo.com
i have done the searching ips at angry ip searcher but no ips found
plz tell me a range of ips plzzzzzzzzzzzzz!!!!!!!
my email- ilu123_00@yahoo.com
i have the username&password how can i use this,i am confussing about this,can u help me,pls…..
looks like every one is correct…as i have expirienced it all.
error 691 is a genuine problem.. needs to sorted out anyone with with exact solutin plz post that over here only…….
117.x.x.x system looks fucking as i have the ip address…it looks safe but valuable only for unlimited plans as we cannot hack anyone through this ip….someone plz find solution for all the rookies
plzzzzzzzzzzzzzzzzzzzzzzzzzzzz
for any suggestion and discussion contact-shikha2paris@yahoo.co.in
i have got the user name and password.
but don’tknow how to use them to access internet.
please tell me.
!!!!
HAVE GOT THE USER NAME AND PASSWORDS BUT WHEN I CONNECT BY USING THEM IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
tell me solution
ya.its great it really works now also..
but what we can do others username and password.
i mean how we can login with that.we have a landline connection na.