11
2007
Hack Bsnl Broadband Accounts
An article by 
Disclaimer : The information provided below is for educational purpose only. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Bsnl DataOne Broadband continues to grow as one the most popular broadband services in India with high speed facilities of upto 2 mpbs. But a large number of users of this service are vulnerable to hacker attacks because discovering and hacking the vulnerable victims of this network is shockingly simple. If you are a Bsnl Broadband user then immediately assess the security of your internet connection and take appropriate steps to secure yourself.
First lets see how simple it is to hack bsnl dataone broadband usernames and passwords. For this you shall need a ipscanner tool called Angry IP Scanner http://www.angryziber.com/ipscan/ or anything similar.
Ok so lets begin…
Get your IP from :
www.ipmango.com
Step 1 :
Start Angry IP scanner and goto options > ports. Type in 80 in the first ports textbox and click ok.
Then goto options > options ; in the display section select “only open ports” and click ok&save.
Now on the main screen put in the ip scan range as something 59.*.0.0 – 59.*.255.255 (for e.g. 59.95.2.3) and click the start button. And the list that shall follow next are the victims. In this example we choose the range 59.95.0.0 – 59.95.255.255. You will be surprised at the number of victims you discover.
Step 2 :
Pick the ip-address of any of them and open up your browser and type in http://59.*.*.* (the * should be replaced by the values from the ip you are using. A box will popup asking for username and password. Enter the username : admin and password : admin .There is a high chance that you will be able to login with that username and password.
admin-admin is the default username and password that is set while manufacturing the adsl modem devices.
What follows next is the modem administration panel.
Simply search for the “WAN” option and click it. On the next page you will find the username and password of that user. now right-click on the page and click view source. in Mozilla/Opera This frame -> view frame source
Now in the source code search for this : INPUT TYPE=”PASSWORD”
and the value field of this input element will have the password
if its not there as in case of D-Link DSL 502T ADSL Routers the search for this
input type=”hidden” name=”connection0:pppoe:settings/password” value=”password” id=”uiPostPppoePassword”
and the value field will have the password
Well each steps take less than 1 minute so getting username passwords wont take even 2 minutes and is easier than sending a mail.
And this exposes the weak security of bsnl broadband users.
Well this is not a weakness but more of a mis-configuration which leads to insecurity. If you understand networking then you would probably realise that it was merely logging into the remote administration service of the modem and nothing else. This was not really hacking but a simple search of victims who are absolutely ignorant of their weak security on the internet.
Most routers have an option where remote management can be disabled. In other words, you can only connect to the configuration interface from the internal network, not the WAN(Internet) side. You would definitely want to make sure remote management is not active to protect yourself.
Note : On SmartAX MT880 eventhough Remote Management is disabled , it permits remote logins from over the Internet. So change your mode administration passwords immediately.
The problem is that the professionals at Bsnl are ignorant of such simplicity of networking and unable to advise the users or guide them to take proper security measures leaving their customers and themselves absolutely unsecure.
Now lets check a few more options related to this issue. A bsnl broadband modem can be used in two modes. RFC Bridged mode and pppoe mode.
In the RFC Bridged mode the device behaves like a modem device that is attached to your computer and you use some dialup software to dial into the isp through this modem.This is PPPOE from the PC and the adsl device is a good modem. This mode is safer as the username password are on your pc and nothing is on the modem.
In the PPPOE mode the adsl device becomes a router – a distinct network device with many features enabled. In this mode the username password is stored in the modem which will dial to the isp and establish the internet connectivity. The computers will just connect to this router who would be their primary gateway. Now this is the mode where the risk exists.
If remote administration is enabled the remote users from the internet can login to this modems administration panel. Now the main problem is the default admin username-password which most users dont change due to ignorance. “admin-admin” is pair that works in most cases giving you full access to the modems internals. What follows next is simple as drinking a glass of orange juice.
Many users install firewalls and think they are safe, but they fail to understand that the firewall protects their PC not the “router” since the topology is like
(PC) -> router -> internet
So how should you secure yourself ?
1. Use RFC Bridged mode if it is sufficient for you.
2. Change the default admin password of your modem.
3. Disable wan ping reply . ( this will prevent the hackers from directly discovering your pc when it is on the internet)
4. Disable remote configuration feature.
5. Check your broadband usage on a regular basis and compare it with your own surfing schedules to check whether someone else has used it or not. If suspiscious usage is indicated then immediately change your bband password as well. Or a better suggestion would be to change broadband passwords on a regular basis.
Try to spread the security awareness to your friends and other relatives who are using Bsnl broadband and encourage them to secure their internet connectivity.
Disclaimer : The information provided above is for educational purpose only. The main purpose of the author is to spread awareness amongst users. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Update – 09-11-2011
Bsnl has implemented a technique called Port Binding, which will bind a particular username to its phone number. Then that username will only work via that phone number. Hence the above hacking method will become ineffective.
Port Binding is slowly being implemented by Bsnl over all cities and soon would cover the whole Broadband network across the country, making it more secure.
Popularity: 100% [?]
Subscribe
Recent Posts
- Login into phpmyadmin without username and password
- 10+ tips to localise your php application
- 40+ Techniques to enhance your php code – Part 3
- 40+ Techniques to enhance your php code – Part 2
- 40+ Techniques to enhance your php code – Part 1
- CSSDeck – Collection of Pure CSS Creations
- Execute shell commands in PHP
- Php get list of locales installed on system
- Sound cracking in Ubuntu 11.10
- PHP script to perform IP whois
i found the ip address but user name and password is incorrect the default password admin and user name admin is not working…….
please help me…….
WHAT THE FUCK IS THIS .ITS NOT WORKING MAN.ITS BETTER TO EXPIRE UR BLOG AND ITS NO MORE USEFUL.
-SATYA
i saw another site which just directly cut copy paste this article. and smack that idiot who said you did something similar to cyber crime. keep the good work up. those ‘tards (retards) forgot to read the disclaimer. and plus forget logging in via http, yeah many ISP migrated to port binding. just telnet into it. and get the shell which is mostly a uclinux shell, and type ps aux | grep ppp. and viola you have not only seen their dialing phone number but also you can use some masked password decrypter (de-salt) it and see the username and password. ;-)
sweet sweet telnet. so go to your login shell and type?
apt-get install telnet and then ? demo
Quantum config> print high ppp
Module ‘ppp’:
1 pppoe a1 0 35
1 attribute /txVci=35/rxVci=35/class=UBR/port=a1
1 autoconnect 1
1 welogin _busted hehe_ chap
1 enableprimarydns relay client
1 enablesecondarydns relay client
1 gateway local
1 lcpmaxterminate 2
1 lcpmaxfailure 3
1 echo every 20
1 enable
2 gateway local
3 gateway local
4 gateway local
5 gateway local
6 gateway local
7 gateway local
8 gateway local
Quantum> version
MT880 version V++busted++2 INDIA (May 17 2005)
BSP: R++dang++5 BSP v1.0 (ISOS 9.x)
CSP: Argon III CSP v1.0 (ISOS 9.0)
Quantum>
;-) well well, like we said, in IT industry we build digital fortress out of figament of imagination, then? one tiny wood pecker comes and bring down the entire civilization with one stroke. hehehe! dumb dummy me!
who is buying me beer and some marijuana? ;-)
oh the BSNL guy said its impossible to bust in? isnt it? all i did was inni minni minie moe picked up random IP and telnet and viola i am in. we didnt even use the high end techniques to break in. lol. man “BSNL joker”, please commit suicide. this is just a telnet attempt.
;-) lul lawl rawlf lool lolf :-p kbai
IP and other details were kept hidden to save this chap happily browsing online. :-p
YAAR I HAVE GOT THE USER NAME AND PASSWORDS BUT WHEN I CONNECT BY USING THEM IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
PLZ HELP ME FOR THIS
my id nilesh.kapare@gmail.com
Allbakwaas.info really works dude!
Thanx a lot
http://WWW.ALLBAKWAAS.INFO
thnx its really work dude
Please Help Me Out…I can’t find the page in the website allbakwass.
ALL NEW 117.X.X.X (MULTIPLAY) IP USERS YOU CAN HACK BROADBAND ACCOUNTS OF ANY BROADBAND USER.
JUST VISIT HTTP://WWW.ALLBAKWAAS.INFO
AND SEE HACK BROADBAND ARTICLE.IT IS AMAZING!
I have found more than 23 users instantly!
even multiplay(Live TV channels work)
you only need to have the equipment.
Whats the exact link bro in the site? I can’t find it.
Initially when BSNL started its broadband service Port binding was not enabled. They have done this some 2 years back in chennai.
I am sure that there is a way in by pasing this port binding which disables connection from other landlines other than the prescribed line for an User account. Security is made for someone to break it..which allows more innovation. BSNL will surely have a hole in its security..hope we crack it someday!
ALL NEW 117.X.X.X (MULTIPLAY) IP USERS YOU CAN HACK BROADBAND ACCOUNTS OF ANY BROADBAND USER.
JUST VISIT HTTP://WWW.ALLBAKWAAS.INFO
AND SEE HACK BROADBAND ARTICLE.IT IS AMAZING!
I have found more than 23 users instantly!
even multiplay(Live TV channels work)
you only need to have the equipment.
i used anil_52 but it is nt working nw a days … m in dataone multiplay system can anyone help me with anyother username whos password is password & work in dataone multiplay broadband….. help……….
can anyone send me username and password for bsnl broadband free use i badly need one espicially of yamuna nagar region or haryana my id is ajay_kumar541007@yahoo.com
hi,,, prashant
the green dots found wiyh ip address i have to type those ip address in my browser
i cant hack can anyone send me password at shashikant998@yahoo.com
please send me bsnl broadband password of unlimited plan at
rohan19932007@yahoo.com.i have home plan 250 or 500 password but not ul.those who give me passwords and uesrname i will give home plan passwords.plz give me passwords plz.
if u r for wiewing somebody’s usage details and address etc, u dont even have to hack the u/n and passowrd… believe me… that bsnl site is so poorly designed.. i was using my own id/ pw and got into some other prsons usage page.. no typing mistakes, since i was copy pasting.. i could even see the address, phone no etc ..
CAN I BE CAUGHT USING THESE IDS
my ip starts with 117.x.x.x so i can’t open a ip in my browser. plz help me
Friends ! please Visit http://www.oXXo.info For Havking tips !
hi prashant i mananged to get some ids and pass but the net speed just inceases a little and is same for all ids and pass do i have to configure any thing
plz any one who knows how to work these user id and passwords can add me on my yahoo id word_twistors@yahoo.com plzz prashant send me some ids and passwords plzz
when i place the ip in the broswer how do i come know which is bsnl net or any other net
bro accopunts not working plz post working and new accounts plz
BSNL has not implemented port binding .. at least i have never found any userid portbinded.. I have checked the uerids and passwords and they work all well. I have even come accross some BSNL userids/passwords used by BSNL IPTV(perhaps) with multiple login possibilities and unlimited data transfers with speed whooping 8 MBPS giving almost instantaneous downloads.
These are some south india based user ids and their passwords.. i am not sure where..
it is foolish of people who are using the default admin/admin router passwords. I would recommend everyone to change their router default passwords or become a victim..
dhandhania123: pundha123
atulkalaskar: atu123pun
bhushan_s_kulkarni: matichyachuli
jfp: 2448358
n.p.patel: insure01
kdevidas@dataone: paras1
kandisr: aurkan123
jaydeep_kgp@dataone: jaydeep000
indianair33: kareem33
josencap: ashram
ravi1356: 108srisri
gourisankarpgt: gou123
sreekumarib: sree237
vanil2006: nil676
pkezhuthachan: pkr6099
pongasseril: pon123
janayugamklm: 2765565
sandhyol@dataone: gokulsopanam
majeedveedu: jameela
kvwarrier@dataone: kvw123
siliconvalleymcd: mcd717
sreyapulakkat: 2555871
ah..well…
I already knew the trick..
But will you tell me my friend how to check the account type after we have hacked it..I mean how to find out WHAT PLAN WE HAVE HACKED – BUISNESS/HOME or UNLIMITED ?
what a shock !!!! oh my god.. are these passwords working? how to change user id and password of the connection? this is illegal right?
You stupids… what the hell you people think you can do with the usernames and passwords? You can just check those people’s account usage or their bsnl mail account (which is not being used by a single person in tnis country up to my knowledge).
Congratulations to your great discovery….
oh oooo, now prashant its high time you remove this blog ASAP
wow, i got a lot of passwords using this, thanks a lot prashant
here are some of the password n login i got using this
anil_52
password
selvi67@dataone
dpi123
vinoddasari@dataone
vinh3v2
highcourt_937
higd3f4
tharanis
thaw2q3
zen_kkd
zen123
adpanchal
adp123
rinhard1964@dataone
Re905gnb
lkannan_chn
lka1782
ramiah_k@dataone
rams2d3
venkateswaraind
ven123
ave2623627@dataone
627627
gsrajendran
vlakr2212
dadsn_bsnl
dadq2w3
kbalaji01
kbas2d3
sterlab321
dpiste123
one4all
one7340
cpcltd
power123
rajalakshmisathya@dataone
nrs817
dhanus_56@dataone
sprksc
roshinipriya@dataone
rosp9u8
rpkunte
anuradha
nmhuq
nmhm6n5