Time for action – cracking default accounts on the access points
Follow these instructions to get started:
Let's first connect to our Wireless Lab access point and attempt to navigate to the HTTP management interface. We see that the access point model is TP-LINK Wireless N Router WR841N, as shown in the following screenshot:
From the manufacturer's website, we find the default password for
admin
isadmin
. We try this on the login page and we succeed in logging in. This shows how easy it is to break into accounts with default credentials. We highly encourage you to obtain the router's user manual online. This will allow you to understand what you are dealing with during the penetration test and gives you an insight into other configuration flaws you could check for.
What just happened?
We verified that the default credentials were never changed on this access point, and this could lead to a full network compromise. Also, even if the default credentials are changed, the result should not be...