Let’s shut down the Internet

It is 2 AM. Last night had been anything but quiet. It was CSS’s 26th birthday and our close group of college friends, namely, Charlie, Shani, Sarma, Thakur, and Niks were all seated randomly across the floor of Charlie’s villa in Pondicherry, intoxicated by Old Monk, Coca Cola, or Tropicana Orange. It was the first time in 5 years that we were all seated in a single room (and apparently “single” as well). The conversations ranged from how the Irani tea is not actually imported from Iran to why Charlie hasn’t switched his job in the last 11 months (He has a history of switching jobs every 6 months).

It is 4 AM now. Drunk or not — these random conversations are always fun. Tired of the notifications from random Tiktok posts and Whatsapp forwards posted by his neighbor, Charlie is annoyed and proclaims loudly:

Let’s shut down the Internet!

For the first 3 minutes, we just laugh our hearts out. And then it hits us — he is actually being serious!

We have always been told that the Internet is a worldwide network and cannot be shut down. So, we took out our whiteboard and started racing our Engineering minds to figure out the scope of this idea. For the sake of this post, let’s call the neighbor Mr. X. Following was our chain of thought:

1. Instead of shutting down the Internet, we decided to limit Mr. X’s access to the Internet.
2. Disconnecting the internet cable won’t be enough as it will be spotted and fixed quickly.
3. Even though there are millions of websites on the internet, only a few of them are at the top in terms of visits. If we blocked access to *.google.com, *.facebook.com, Amazon (and subsidiaries), Netflix, and Whatsapp, we should be good.
4. No health patients are residing in his house, so this attempt is just a prank and we do not intend to cause any serious harm.

Now that we had a loosely-defined scope for the task, we set out to design a solution. Here is a list of things that we know:

1. The SSID of the WiFi router
2. The list of websites most frequently visited by Mr. X

I have been talking about the Internet for over a decade now and even amongst the IT crowd, people often miss the fact that even before a web request hits the intended web server, a DNS query has to be made to a DNS server to determine the IP of the webserver. To the uninitiated, DNS stands for Domain Name System and it is like the phonebook on your cell phone.

Comparing Contact entry to a DNS entry

Every domain name, like, google.com has 1 or more entries like the IP addresses of the server and IP address or hostname of the servers handling the mails.

There are thousands of DNS servers worldwide. At least every ISP has one and they provide it to you when setting up the Internet connection for you. The address of the DNS server can be specified at the Router level or on each device. In most cases, the Router is responsible for providing the DNS server address to all the devices that connect to it. One of the most popular DNS servers is 8.8.8.8, which is managed by Google.

If you lose access to the DNS server, your devices will not be able to figure out how to access any website.

Brainstorming in progress!

Here is the plan in brief:

1. Hack and connect to the WiFi router.
2. Bypass the authentication for the router configuration page.
3. Change/remove the DNS entry.
4. Force the devices to reconnect to the Router for the new changes to take effect.

It wasn’t really that hard to execute this. We found an excellent article to execute step 1 — How to Hack WPA/WPA2 WiFi with Reaver.

Step 2 was easier than we thought. Mr. X had a D-link router, specifically, DSL-2888A router which has a known Insufficient Authentication (CVE-2020–24579) issue.

Here is the Proof-of-concept video: https://player.vimeo.com/video/491824274

Once inside, changing the DNS to something invalid, ie, step 3 was easy.

DNS Settings in DSL Router

Unexpectedly, step 4 was the toughest part as we had to get out of the house to execute it. To force the devices to connect, either Mr. X had to go out of his house (or outside the range of the Wi-Fi router) or we had to restart the router. Given the lockdown due to the COVID-19 pandemic, the former was unlikely. The most athletic guy in our group is the birthday boy — CSS. He jumped across the common wall and flipped the MCB switch, forcing all electronic devices connected to a power source to restart, which included the WiFi router.

It is 6:30 AM. While we did not “shut down the Internet” but we did manage to disrupt Mr. X’s access to the Internet for a good 24 hours!

It was a Mission Accomplished moment for us — a group of half-drunk 20-something guys. We are hungry as hell! So, we take a stroll by the beach, and treated ourselves to filter coffee and the beautiful sunrise!

View of Sunrise at the Serenity Beach in Pondicherry

PS: While the above account is completely a work of fiction, the whole process is technically correct to the last detail.

DISCLAIMER. This article is for informational and awareness purposes. We are not responsible for any harm caused while referring to it.