first i gotta say that this is really EVIL
i will not name the ISP names here, but everything else will be revealed.
here i simply explain what i did:1.
i found a wireless network and cracked it's password.2.
now i tried the default admin login (admin:admin), you can also try these:
Administrator:blank password (just leave empty)
...etc, usually if you trying to log into router, it will tell you the name of the router (or at least brand) on the page (webpage is named "router name"). so look it up in google, you should get idea what the default pass is.
- additionally, if the password is not default, then it is possible to use brutus to bruteforce the admin login. im very sure that on 99% of cases, username is admin or Administrator (usually not case sensitive, but might be, if so, then admin and Administrator are most common).3.
i went into the settings of router and looked up what method it uses to connect with ISP.
- it was set to PPPoA
- using username:password provided by ISP4.
password was ******* as usual.5.
i used "firebug" to reveal the value for ******* (password).
- so now i have username:password for the internet connection.6.
now i just connected my own router to a phone line that uses the same ISP (most likely any phone line would do, in same neighbourhood, not sure if theres some filters or not, but if it uses user:pass, it should not be limited to location, only to country).7.
so all i needed to do now, is to set my router to use same method:
- VPI/VCI = 0/38
- username = email@example.com
- password = aliens (not revelead here)8.
clicked connect ! and i got somebody elses internet connection.//////////////////////////////////////////////////////////////////////////////////////
Q: is this legal ?
A: ofcourse not !
Q: can i get cought ?
A: absolutely NOT !
- let me explain, all these phone lines are connected and they end up in ISP.
- internet is account based
- for example user firstname.lastname@example.org
have a subscription, they ONLY way to get a subscription is to sign up, you will provide them your name and address. so if somebody uses "email@example.com", then they will know that it was the person who signed up.
it's basically like cellphone, if other person grabs your cell at a party and does something stupid with it, then you will get the blame for it.
- only way to track users, is by their account
- yes, smarted ppl will think .. MAC address .. hmmm.
yes ofcourse, but if ill change my router's mac ? then what ? for example i have one old router and it is bought from even different country, so there is no need to even change MAC. however they will NOT track MAC addresses, because it is account based. everybody are free to buy a new router and configure it to use their account.//////////////////////////////////////////////////////////////////////////////////////NOTE
: first i connected 2 routers using same phone line and it kicked both of them offline, so it means that one phone line can NOT handle two internet connections, but otherwise it works perfectly.UPDATE:
seems like that it is not about DSL (phone line) at all. one of the router's was offline (power cord was out) and as soon as i plug the wire into the filter (small box that converts the phone line into DSL), then my router lost connection. it seems that it is about this converter/filter box. there's 2 main lines and 2 filters/converters, but it doesn't seem to be working.