Someone setup a non-secure wifi around my apartment, I never connected it till yesterday since I worried it’s may be a honeypot. I had some me time yesterday night, so I setup a virtual machine to connect the wifi.
Wireshark show me the guy had a XP workstation and a iPad. Port 137 opened. Iwas not sure it’s a honeypot since I don’t think A high level hacker keep the port open on LAN.
Then I opened http://192.168.0.1, I want to see was it possible to enable port mirror so I can captured packages. It turned to D-Link management web interface but I didn’t have admin password. I thought it should be default password, but unfortunately the guy changed password.
After studied the interface and XML files, eventually I got previous wifi password and his PPPOE credential. People usually set same password everywhere, so I tried it on web interface…successful. I actually don’t know anything about hack skill, but just a little knowledge of website code. Very interesting experience. :-)