0

I wanted to know what a person can do if he has access to the Router Settings? I know he can change the password and stuff but can he do any real password sniffing stuff?

tim
  • 29,122
  • 7
  • 96
  • 120
Vivek
  • 21
  • Depends on the router/ap. But typically they all have a interface for sniffing or redirecting traffic. – eckes Jun 03 '17 at 14:15
  • @eckes Mine has something called Routing which can route some connections through a gateway. Idk if that could do anything. I can also open ports using port forwarding – Vivek Jun 03 '17 at 14:57
  • Possible duplicate of [Is there any security threat with open WiFi connection?](https://security.stackexchange.com/questions/34764/is-there-any-security-threat-with-open-wifi-connection) – Xiong Chiamiov Jun 03 '17 at 23:51
  • Or duplicate of [Can an administrator see all of my info on shared, private WiFi?](https://security.stackexchange.com/q/121431/16960) – Xiong Chiamiov Jun 03 '17 at 23:51
  • Basically, you're pwned if someone can get to your admin panel. – multithr3at3d Jun 04 '17 at 01:32
  • 1
    @XiongChiamiov Those don't seem to be duplicates. Access to the network doesn't mean access to the router (if it did, that really would be a problem). This question does seem a bit broad as it really depends on the router, but I'm going to vote to leave this open, as a reasonably short answer could still list all possibilities, and most home routers provide at least somewhat similar options. I actually think that this is a pretty good question (if it's not a duplicate; and the title and body of the question could also use some work) – tim Jun 04 '17 at 19:57
  • @tim Thanks for supporting me. It's my first question ever on stack exchange so I'll do better next time on the title and desc – Vivek Jun 05 '17 at 03:24

1 Answers1

2

depending on the router, you can set up a proxy server and redirect all traffic to said server.

This would allow you to do any MITM attacks you would normally be able to do but without having to ARP the victims. A simple google of MITM attacks could open up a large range of ideas for your self.

DNS attacks (e.g. redirection) and SSL stripping / denial are good example of things you can do if you set up a proxy server on the router.

Basically redirecting traffic to a device to handle it with your rules is a start, and then decide what you want to do from there.

TheHidden
  • 4,315
  • 3
  • 22
  • 40