Inside a Wi‑Fi Hack: From Router Cracking to Personal Data Exposure

Entry

After connecting to a neighbor’s Wi‑Fi named "LOVE", I discovered three SSIDs and chose the uniquely named one.

Using the Linux tool minidwep with a password dictionary, I performed a brute‑force attack on the WPA2‑protected router and eventually obtained the password "198707**".

Difficulty

Once logged into the router’s web admin interface, I could modify DNS, view DHCP clients, and explore other functions.

The default admin credentials had been changed; by capturing a GET request I found the Base64‑encoded string "YWRtaW46YWRtaW4=" which decodes to "admin:admin". I wrote a Python script to combine dictionary passwords with "admin:" and brute‑force the Base64 hash, successfully logging in.

Opportunity

After a day, several devices appeared in the client list: two Android phones, an iPhone, an iPad, and a PC, likely belonging to the router owner.

One Android device exposed many open ports, appearing to be a media box, offering a chance to control the TV.

Search

I sniffed the iPhone traffic, captured the owner’s photos from her Weibo album, and later identified her Weibo URL to guess her WeChat account.

TV

Modern TVs use IoT boxes; many have the ADB port 5555 open. I connected via adb connect <ip>, installed a custom APK, and could start it remotely, though I refrained from playing inappropriate content.

Accounts

Through the router I hijacked logged‑in sessions for Weibo, Renren, Taobao, etc., obtaining various personal data such as photos, phone numbers, and QQ numbers.

Contact

Using a MITM injection I posted a simple message on the victim’s Weibo and added a JavaScript alert with my QQ contact.

Defense

Key security recommendations: use a strong Wi‑Fi password, change the router admin credentials, avoid sharing Wi‑Fi with strangers, keep mobile devices un‑rooted, regularly check connected devices, and update passwords after any suspicious activity.