11
2007
Hack Bsnl Broadband Accounts
An article by 
Disclaimer : The information provided below is for educational purpose only. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Bsnl DataOne Broadband continues to grow as one the most popular broadband services in India with high speed facilities of upto 2 mpbs. But a large number of users of this service are vulnerable to hacker attacks because discovering and hacking the vulnerable victims of this network is shockingly simple. If you are a Bsnl Broadband user then immediately assess the security of your internet connection and take appropriate steps to secure yourself.
First lets see how simple it is to hack bsnl dataone broadband usernames and passwords. For this you shall need a ipscanner tool called Angry IP Scanner http://www.angryziber.com/ipscan/ or anything similar.
Ok so lets begin…
Get your IP from :
www.ipmango.com
Step 1 :
Start Angry IP scanner and goto options > ports. Type in 80 in the first ports textbox and click ok.
Then goto options > options ; in the display section select “only open ports” and click ok&save.
Now on the main screen put in the ip scan range as something 59.*.0.0 – 59.*.255.255 (for e.g. 59.95.2.3) and click the start button. And the list that shall follow next are the victims. In this example we choose the range 59.95.0.0 – 59.95.255.255. You will be surprised at the number of victims you discover.
Step 2 :
Pick the ip-address of any of them and open up your browser and type in http://59.*.*.* (the * should be replaced by the values from the ip you are using. A box will popup asking for username and password. Enter the username : admin and password : admin .There is a high chance that you will be able to login with that username and password.
admin-admin is the default username and password that is set while manufacturing the adsl modem devices.
What follows next is the modem administration panel.
Simply search for the “WAN” option and click it. On the next page you will find the username and password of that user. now right-click on the page and click view source. in Mozilla/Opera This frame -> view frame source
Now in the source code search for this : INPUT TYPE=”PASSWORD”
and the value field of this input element will have the password
if its not there as in case of D-Link DSL 502T ADSL Routers the search for this
input type=”hidden” name=”connection0:pppoe:settings/password” value=”password” id=”uiPostPppoePassword”
and the value field will have the password
Well each steps take less than 1 minute so getting username passwords wont take even 2 minutes and is easier than sending a mail.
And this exposes the weak security of bsnl broadband users.
Well this is not a weakness but more of a mis-configuration which leads to insecurity. If you understand networking then you would probably realise that it was merely logging into the remote administration service of the modem and nothing else. This was not really hacking but a simple search of victims who are absolutely ignorant of their weak security on the internet.
Most routers have an option where remote management can be disabled. In other words, you can only connect to the configuration interface from the internal network, not the WAN(Internet) side. You would definitely want to make sure remote management is not active to protect yourself.
Note : On SmartAX MT880 eventhough Remote Management is disabled , it permits remote logins from over the Internet. So change your mode administration passwords immediately.
The problem is that the professionals at Bsnl are ignorant of such simplicity of networking and unable to advise the users or guide them to take proper security measures leaving their customers and themselves absolutely unsecure.
Now lets check a few more options related to this issue. A bsnl broadband modem can be used in two modes. RFC Bridged mode and pppoe mode.
In the RFC Bridged mode the device behaves like a modem device that is attached to your computer and you use some dialup software to dial into the isp through this modem.This is PPPOE from the PC and the adsl device is a good modem. This mode is safer as the username password are on your pc and nothing is on the modem.
In the PPPOE mode the adsl device becomes a router – a distinct network device with many features enabled. In this mode the username password is stored in the modem which will dial to the isp and establish the internet connectivity. The computers will just connect to this router who would be their primary gateway. Now this is the mode where the risk exists.
If remote administration is enabled the remote users from the internet can login to this modems administration panel. Now the main problem is the default admin username-password which most users dont change due to ignorance. “admin-admin” is pair that works in most cases giving you full access to the modems internals. What follows next is simple as drinking a glass of orange juice.
Many users install firewalls and think they are safe, but they fail to understand that the firewall protects their PC not the “router” since the topology is like
(PC) -> router -> internet
So how should you secure yourself ?
1. Use RFC Bridged mode if it is sufficient for you.
2. Change the default admin password of your modem.
3. Disable wan ping reply . ( this will prevent the hackers from directly discovering your pc when it is on the internet)
4. Disable remote configuration feature.
5. Check your broadband usage on a regular basis and compare it with your own surfing schedules to check whether someone else has used it or not. If suspiscious usage is indicated then immediately change your bband password as well. Or a better suggestion would be to change broadband passwords on a regular basis.
Try to spread the security awareness to your friends and other relatives who are using Bsnl broadband and encourage them to secure their internet connectivity.
Disclaimer : The information provided above is for educational purpose only. The main purpose of the author is to spread awareness amongst users. The author is not responsible for any misuse of the information and discourages any illegal use of it.
Update – 09-11-2011
Bsnl has implemented a technique called Port Binding, which will bind a particular username to its phone number. Then that username will only work via that phone number. Hence the above hacking method will become ineffective.
Port Binding is slowly being implemented by Bsnl over all cities and soon would cover the whole Broadband network across the country, making it more secure.
Popularity: 100% [?]
Subscribe
Recent Posts
- Login into phpmyadmin without username and password
- 10+ tips to localise your php application
- 40+ Techniques to enhance your php code – Part 3
- 40+ Techniques to enhance your php code – Part 2
- 40+ Techniques to enhance your php code – Part 1
- CSSDeck – Collection of Pure CSS Creations
- Execute shell commands in PHP
- Php get list of locales installed on system
- Sound cracking in Ubuntu 11.10
- PHP script to perform IP whois
If the login name is binded, misuse of the account is prohibited
It is better to check the status of binding through NIB section of BSNL ,for safe.
Otherwise any network provider is vulnerable.
My id got transferred from NIB 1 o NIB 2(so my ip got changed from 59 to 117 so is there any way to hack it????is so plz reply here or send me at merlincow@gmail.com
HAVE GOT THE USER NAME AND PASSWORDS BUT WHEN I CONNECT BY USING THEM IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
PLZ HELP ME FOR THIS
raj2cool2foolu@yahoo.co.in
the fact is that you can down lod the config file from their dsl router and open with notepad to get password pls take this
Something lik ethis i found the password and user name but not for sale and i wont user that too
ppp_conId1 userName=”*********” password=”cGFzc3dvcmQ=” serviceName=”dataone” idleTimeout=”0″ ipExt=”disable” auth=”auto” useStaticIpAddr=”0″ localIpAddr=”255.255.255.255″ Debug=”disable” pppAuthErrorRetry=”disable” pppToBridge=”enable”
_____b00t 3£f
i got the same prob man……….
IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
please help me ……..
plz mail me the solution at contactavik@yahoo.com
please…
Hi, I have BSNL Broadband 250 Home . can you please give me the user id and the password of a unlimited Bsnl Broadband plan.
I tried to follow your process but i was not successful.
Thanking You,
Ritabrata Mandal.
My email id is – ritabrata.mandal99@gmail.com.
heyyyyy
ur trick is workin but
it showing all “Password” value as password each and every
how is it possible
Police will catch u guys , dont even think abt this :)
Port binding is done generally for fixed bandwidth connections: 256 and 512 kbps connections respectively.
Now you wud ask why???? Simple because these connections are unlimited plans and they are not suppose to get more speed more than what they are paying for.(Since the price tags are fixed in these cases).
Also, for IP addreses starting with 57.XX.XX.XX means that you have an old connection line and you can try your hand on hacking others account but only those with home plans and same regions.
You can try any tips that are available in the net easily.
===================================
For IP addreses starting with 117.XX.XX.XX , no ethical nor hard core hacking tricks will work any more.
I challenge any one who can do that.
You wud say that bridgeing works with port binding but its a total HOAX. theoretically the cocept of port binding can be bypassed through bridge trick but practically from my own experience its not possible.
And for all unlimited plan holders the default pass is “password” itself.
So the security must have been implemented for which the fixed plan users are getting their password as password only.
if it was not so then any of yours user name wud have been enough to hack it into.
===================================
Most easily hackable service providers are SIFY and AIRTEL.
If u want to know how : google it and u will know many ways to get it done.
===================================
Tata indicom has encrypted the total connection system, so its impossible to get it break off.
===================================
I am not the best person to advice u all in this topic but since I am the security analyst for CISCO, i wud say that @ least in my knowledge the things I have said are true to this date.
BUT BUT BUT…. as a grey hat wud say there’s always some way out and there always some way to nail the wall down……….
===================================
NOE THIS TUTORIAL WONT WORK A PORT BINDING HAS BEEN ENABLED BY BSNL
I GOT USERNAMES & PASSWORDS BUT NOT ABLE TO CONNECT
Hi,there
I m getting the user name but not the password,it is showing error as frames not supported.
is there another method that i can do..
pl.Help me.
Totally Working Man…..
Great Thing Thanks
how to establish a connection with username and password
ablish a connection pls tell me thi is for my educational plsssss
hello ,
the trick is half working but when i try to connect to net using the password and username it shows
ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
please help me
-siddhant
siddhant10022@yahoo.com
i paste the ip address in browser
but doesnt show any popup window..
give some uscrname& ids in karnataka
help me ……..
my mail- http://www.luckygaju@gmail.com
hi prashant
how r u ?
my self prakash frm gujarat
i hack some id and password of bsnl user’s
but how can i used via my telephone line.
is this possible or not
plz reaply me at my id prem_prakash_khatri@yahoo.co.in
thx
Hello! i tried this and got a lot of usernames n passwords but still can’t connect and there is a error of 691:{access was deneied because username and/or password was invalid on the domain} im from gujarat can u tell me the unlimited plans usernames and password that i can access free broadband i have a hope that u will not b disapponting me! so send me a lots of usernames n passwords that i can access in gujarat as early as u can! plz…. plz…….plz………. b faster than any other. my mail id: akshar102@gmail.com
hey ,fuck the id hacking shit ,does any genius knows hacks of data usage,or to speed up bittorent(as they throttle it).
http://www.vertexroll.blogspot
you will find everything
Can any one give me one id this is my e-mail address nagendrakumar45@gmail.com
99% peoplez xp is pirated .i found trik to make it genuine withoout gettin cot,withwhich u can upgrase ur xp.freely n download anything fm official microsoft website………………u hav 2 visit
http://www.makeyourxpgenuine.blogspot.com
Look there are some commentators who are saying that hacking BSNL account is only possible if used the same phone line connection.
Pal, it was yesterday[27th January,2009] that I automatically logged into a wrong account with this phone line. I didn’t change the username or my password but I still got authenticated, I have HUL750 plan, the speed is 256kbps(transfer rate of 20-30KBps), but some how I got it on 2mbps(transfer rate 150-200KBps).
It wasn’t my fault, I didn’t intend to hack. It just happend automatically.
you all guys are fakin the given tricks of ip 117.*.*.* is not working at all…..
and one person above says he is the area manager of BSNL fu*k you…
visit askajinkya.tk i know many techniques .i will answer them !!!!!!!!!
please give me some username and password please its urgent and send it to anurag.prasad6@gmail.com
I HAVE GOT THE USER NAME AND PASSWORDS BUT WHEN I CONNECT BY USING THEM IT GIVES ERROR 691:ACCESS DENIED BECAUSE USERNAME OR PASSWORD INVALID ON DOMAIN
PLZ HELP ME FOR THIS
my email id id
lakhanjadeja@ymail.com
HEY GUYS…
ANOTHER USEFULL STUFF TO USE OTHERs ACCOUNTS
GO TO http://www.M4you.info
n Check Hacking BSNL ACCOUNTS
AMAZING DETAILS GUIDELINE STEP BY STEP