Hackers of India

Wi-Hawk Password Auditing Tool

By Anamika Singh on 14 Feb 2014 @ Nullcon

This talk covers the following tools, which the speaker has authored or contributed to:
WIHAWK

Abstract

In a wireless network there are thousands of Wi-Fi routers configured with default admin passwords, which makes them vulnerable to security breaches. A newly installed wireless router has a default admin password that depends on its manufacturer and model. If it is not changed, the router can be compromised by an adversary to hack into the wireless network. A list of such default passwords can be obtained readily from the internet, which adversaries can then use to identify whether a router is using its default password or not. Wi-Hawk is an open source tool for auditing a range of IP addresses to sniff out Wi-Fi routers which are configured with default admin passwords. The tool provides the capability to scan a network for such default-configured routers by taking as input:

- Single IP
- Range of IPs
- SHODAN search

The tool uses a database which contains a list of routers with their default passwords. Based on the type of input given, it scans a single IP, or a range of IPs, or uses a SHODAN search and scans the IPs returned by the search. The SHODAN search API is a search engine which lists IPs/servers based on the following search criteria: Country, City, Port, Host name, Geo Location, Server, OS, Date range, SSL Filters. Once the tool gets the list of IPs, it scans the range to check for default-configured routers.