Protocol Vulnerability: Using unsecure protocols like TELNET / HTTP

-

Vulnerability is when you are using unsecure methods in your organization that may open you up to attacks from hackers.This lab provides a simple inside look into why protocols like TELNET/HTTP are not used instead SSH/HTTPS is used.


Router 1 Configs:

Assign IP on port:


Configs for enabling TELNET



Enable HTTP

R2 Configs: Just configure IP on the port.


Now to show as to why using TELNET is a vulnerability we are going to access the R1 using telnet from R2.

We will capture packet using Wireshark, and look for Telnet traffic.


Go to Router 2 and TELNET into Router 1 and run some commands.

Filter for telnet traffic.


So I ran 2 commands "show ip interface br" & "show interface summary".

Lets see the Wireshark capture.


And here you can see if I am a malicious actor, I have gotten access to your account/password and I can also see the commands and configuration that you are making to the router.

This is the prime reason why TELNET is discouraged.

Now we go the kali linux and enter the router using HTTP.

Open firefox.

Type the address of the interafce ip and enter the username and password.


We can access the router from here and run some commands.

Later we will see the wireshark capture and see the HTTP traffic.


I ran the "show version" command and you can see the output below.

Here is the vulnerability among the unsecure protocols.

I can see the credentials and the command that was executed as well.   

Please share you thoughts on the topic, and the feedback on the linkedin post.

Tell me what topics you want me to explore. I'm thinking about automation with Ansible or Python. 

Comments

Post a Comment

Popular posts from this blog

Denial of Service : Ping of Death [Kali Linux]

-
Image
Ping of Death (PoD) Attack: The Ping of Death (PoD) is a specific type of DoS attack. In a PoD attack, an attacker sends a malformed or oversized packet to a targeted machine, causing the system to crash, freeze, or reboot. Here's how it works: A correct Internet Protocol version 4 (IPv4) packet comprises a maximum of 65,535 bytes, and most legacy computers cannot handle larger packets. Sending a ping larger than this violates the IP rules, so attackers send packets in fragments which, when the targeted system attempts to reassemble, results in an oversized payload that can cause the system to crash, freeze, or reboot. Routers with no security mechanism (like a Firewall) to protect them from this flood of packets are also vulnerable.  The vulnerability can be exploited by any source that sends IP datagrams, which include an ICMP echo. Let us see through a simple lab demonstration, how it might play out. Here we have Linux with Kali distribution on EVE-NG. Directly connected to a ro...
Read more

GRE over IPSEC Tunnel

-
Image
When it comes to enhancing VPN security, the combination of GRE (Generic Routing Encapsulation) and IPsec (Internet Protocol Security) is a powerful duo that significantly boosts data protection and network efficiency. Let’s dive into the benefits: Enhanced Security : By merging GRE with IPsec, network engineers can ensure not only the versatility of GRE tunnels but also the robust security measures provided by IPsec. This amalgamation is crucial for creating secure VPNs that are resilient against cyber threats while maintaining high performance and reliability. Protocol Agnostic : GRE can encapsulate a variety of protocols, making it extremely versatile in multi-protocol environments. It simplifies the setup of VPNs over diverse networks by providing a straightforward way to encapsulate different protocols. Performance Optimization : GRE’s lightweight encapsulation minimizes overhead, resulting in improved performance. It allows efficient transport of packets over heterogeneous networ...
Read more

OSPF Special Areas

-
Image
  OSPF areas and Special Areas Use in Networking: 1. Scalability: As networks grow, the number of routers and links can increase exponentially. This can lead to large routing tables and high CPU utilization due to frequent SPF calculations. By dividing a network into smaller areas, OSPF can limit the impact of topology changes and keep routing tables manageable. 2. Reduced Routing Traffic: OSPF uses Link State Advertisements (LSAs) to share information about network topology. By confining LSAs within an area, OSPF can reduce routing traffic across the network. 3. Security and Administrative Control: Areas can be used to implement administrative boundaries within a network, allowing different departments or locations to manage their own networks. Now, let's discuss the special areas in OSPF: Stub Area: A stub area is an area that does not accept external LSAs. This means that routers in a stub area only know about networks within their area and a default route to the rest of the n...
Read more