Router Scan program

Discussion in 'Wireless Technologies/Wi-Fi/Wardriving' started by СЕРЖ32, 11 Nov 2013.

  1. mooooooon

    mooooooon New Member

    Joined:
    4 Feb 2019
    Messages:
    94
    Likes Received:
    2
    Reputations:
    1
    @Kakoluk
    Tried it on another telnet client and it worked ... any ideas how to grab the wps pin of the device?
    sendcmd 1 DB p WLANWPS
    gives me this
    <DM name = "ViewName" val = "IGD.LD1.WLAN1.wps" />
    <DM name = "WLANViewName" val = "IGD.LD1.WLAN1" />
    <DM name = "Enable" val = "1" />
    <DM name = "WPSMode" val = "0" />


    and tried nvram show | grep wps_device_pin but it doesn't work as it's not from the registered commands in
    BusyBox v1.01
    https://i.ibb.co/bmHHTyB/Screenshot-2020-02-19-13-41-33-1.png

     
  2. mooooooon

    mooooooon New Member

    Any idea how I can log in using this?

    <Row No="3">
    <DM name="ViewName" val="IGD.AU4"/>
    <DM name="Enable" val="1"/>
    <DM name="IsOnline" val="0"/>
    <DM name="AppID" val="2"/>
    <DM name="User" val=""/>
    <DM name="Pass" val="zte"/>
    <DM name="Level" val="1"/>
    <DM name="Extra" val=""/>
    <DM name="ExtraInt" val="0"/>

    Tried it using curl but it failed... how, while it's enabled?
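
An added example, not part of the thread and not ZTE's or any poster's code: from the device owner's side, the row quoted above is an enabled entry with an empty username and the password "zte", which is worth flagging in a configuration review. The sketch below audits rows in that DM name/val style; the `<Tbl>` wrapper, rows 0 and 1, and the weak-password list are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the DM name/val row style quoted in the posts above.
# The <Tbl> wrapper and rows 0 and 1 are assumptions made for illustration.
SAMPLE = """<Tbl name="ExampleAccounts">
  <Row No="0">
    <DM name="ViewName" val="IGD.AU1"/>
    <DM name="Enable" val="1"/>
    <DM name="User" val="admin"/>
    <DM name="Pass" val="constructed-Long-Random-9f2c"/>
  </Row>
  <Row No="1">
    <DM name="ViewName" val="IGD.AU2"/>
    <DM name="Enable" val="0"/>
    <DM name="User" val="user"/>
    <DM name="Pass" val="user"/>
  </Row>
  <Row No="3">
    <DM name="ViewName" val="IGD.AU4"/>
    <DM name="Enable" val="1"/>
    <DM name="User" val=""/>
    <DM name="Pass" val="zte"/>
  </Row>
</Tbl>"""

# Assumed deny-list of vendor-default style passwords; extend per site policy.
WEAK_PASSWORDS = {"", "admin", "user", "zte", "password", "1234"}


def audit_accounts(xml_text):
    """Return (view_name, reasons) for every enabled row that needs attention."""
    findings = []
    for row in ET.fromstring(xml_text).iter("Row"):
        fields = {dm.get("name"): dm.get("val", "") for dm in row.iter("DM")}
        if "Pass" not in fields or fields.get("Enable") != "1":
            continue  # not an account row, or the entry is disabled
        reasons = []
        if fields["Pass"].lower() in WEAK_PASSWORDS:
            reasons.append("default or weak password")
        if not fields.get("User"):
            reasons.append("enabled entry with empty username")
        if reasons:
            findings.append((fields.get("ViewName", "?"), reasons))
    return findings


if __name__ == "__main__":
    for view, reasons in audit_accounts(SAMPLE):
        print(view, "->", "; ".join(reasons))
```

Disabled rows are skipped on purpose, so the report lists only entries that are live on the device.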
     
  3. qwerty_3322

    qwerty_3322 New Member

    Joined:
    31 Dec 2019
    Messages:
    12
    Likes Received:
    0
    Reputations:
    0
    mooooooon

    Do you have direct access to the router by telnet or ssh?
     
  4. mooooooon

    mooooooon New Member

    I have both
     
  5. qwerty_3322

    qwerty_3322 New Member

    Then just try to find the file with the WPS PIN and reset it. Also, you probably need to find where to enable WPS authentication mode in the router config. And use Reaver.
     
  6. mooooooon

    mooooooon New Member

  7. qwerty_3322

    qwerty_3322 New Member

  8. mooooooon

    mooooooon New Member

    what does mean ? I opened that file too and couldn't find anything about the WPS PIN!


    But why? You could just do it using 7-Zip... also, I found that SSH password much earlier... nothing new :(
     
  9. mooooooon

    mooooooon New Member

    Any help decrypting this ZTE ZXHN H108N config file?
    python decode_zte_config.py --key "GrWM2Hz&LTvz&f^5" db_default_dsl_cfg.xml config.bin.xml
    or
    python decode_zte_config.py --key "GrWM2Hz&LTvz&f^5" db_default_eth_cfg.xml config.bin.xml

    the script https://pastebin.com/GGxbngtK

    I got this error with the db_default_dsl_cfg.xml file:
    struct.error: unpack requires a buffer of 24 bytes
    and this with the db_default_eth_cfg.xml file:
    struct.error: unpack requires a buffer of 44 bytes

     


  10. mooooooon

    mooooooon New Member

    Thanks, I was able to do it using RouterPassView
    and I found this
    upload_2020-2-23_20-1-10.png
    What is userIF?
    Note: I can't log in using it.
     
  11. qwerty_3322

    qwerty_3322 New Member

    It means you can write your WPS PIN there and try to upload the configuration file to the router. Also, if you have SSH access to the router, you can create your own root user for access to the web interface. The router system is UNIX-based.
     
  12. mooooooon

    mooooooon New Member

    What would I gain from that?

    I don't care about that... asked about the accounts in case of other routers.
     
  13. qwerty_3322

    qwerty_3322 New Member

    Any news? Did you find something?
     
  14. mooooooon

    mooooooon New Member

    Nope, I didn't, and customer support won't help.
     
  15. qwerty_3322

    qwerty_3322 New Member

    #7375 qwerty_3322, 24 Feb 2020
    Last edited: 24 Feb 2020
  16. mooooooon

    mooooooon New Member

  17. blaider

    blaider New Member

    Joined:
    27 Jan 2018
    Messages:
    13
    Likes Received:
    0
    Reputations:
    0
    Hi everyone. Guys, what's the most convenient tool for viewing Wi-Fi clients without an access point?
     
  18. zimmer

    zimmer Member

    Joined:
    19 Jun 2015
    Messages:
    112
    Likes Received:
    91
    Reputations:
    1
    What do you mean, without an access point? If there isn't one, how would you look at anything on it?....
    Otherwise, there's http://www.nirsoft.net/utils/wireless_network_watcher.html
    Or, if you mean viewing the clients of an access point you're not connected to, then in Kali use airodump-ng and look at the MACs under station.
     
  19. blaider

    blaider New Member

    I meant devices within my reception range that have Wi-Fi turned on but are not connected to a router.
     
  20. zimmer

    zimmer Member

    The question here should rather be: "is that even possible?"
    And you can hardly do this with a plain Wi-Fi adapter; you'd need to "listen to the airwaves" on the frequencies (channel by channel, plus 5 GHz on top of that).
    The only option is to create an open access point and catch those who have automatic connection to open access points enabled.

    You're probably asking this in light of the news about the Kr00k vulnerability?))))))))
     
    #7380 zimmer, 27 Feb 2020
    Last edited: 27 Feb 2020