Time for action – cracking default accounts on the access points
Follow these instructions to get started:
Let us first connect to our access point Wireless Lab. We see that the access point model is D-Link DIR-615 as shown in the following screenshot:
From the manufacturer's website, we find the default account credentials for Admin is blank that is, no password. We try this on the login page and we succeed in logging in. This shows how easy it is to break into accounts with default credentials. We would highly encourage you to obtain the router's user manual online. This will allow you to understand what you are dealing with during the penetration test and give you an insight into other configuration flaws you could check for.
What just happened?
We verified that at times default credentials are never changed on the access point, and this could lead to a full system compromise. Also, even if the default credentials are changed, it should not be something which is easy to guess or run a...
