English broadcasts will now be more frequent!
Holidays are beautiful. Sun, sand, summer, heat… There are also hotels that make these holidays beautiful.
There are also good services provided by hotels. For example unlimited Wifi. However, there is one thing. Border wifi sounds good, but it exposes you when it comes out of the hands of a bad computing department.
While I broke the wifi of 4 different hotels in my environment, I was able to pull the devices connected to each wifi and read the data flowing from them. And while doing this, I only used ready-made cyber security tools.
First of all, it is secured with WPS with the “Wifite” tool… I would like to say. But there is no security. I think it takes about 5 minutes to get the password of the network with WPS.
There was only one protection with WPA2. In that, “crunch”, “HashCat” came to my aid. And I created a smart wordlist and found the Wifi password among 1.2M words.
After breaking the wifi, I searched and found the modem interface on the network. And I broke it with a brute force attack with the ready wordlist. Most of them had Username/Password: Admin/Admin.
This is sad… Then I did the information of the devices and port forwarding from the modem interface. And by pulling on my device “EtterCap” tool I started to see the passwords my device read.
The woman in the hotel next door was cheating on her husband… In order not to reveal such private things, it is useful to be careful in public wifi.
Let alone the devices on the common network. Many computers that kept the customer records of the hotels had XP operating system. I only got into one with Metasploit. And it’s really heartbreaking. Where’s the security?
I’m not a cybersecurity expert, I’m not a hacker. If I can do that when I’m a geek… What would real hackers do if they really did it for commercial purposes, blackmail or entertainment?
Have a nice day with lots of informatics 🙂