Experiences in multiple recovery methods for ADSL bandwidth dialing passwords

With the rapid development of broadband technology, home network access to broadband has become very common. Most readers connect their home networks to the Internet through ADSL or other methods. However, in actual use, many readers have encountered the problem of missing passwords. If these passwords are stored in the router configuration, how can we restore them? Today, I would like to invite readers to follow the author's path to Rome, so that we can use multiple methods to restore the dialing password. I will introduce it in a simple way. I believe that no matter how powerful the router's encryption measures are, we can use this method to quickly restore the stored plaintext.

I. When do I need to recover the dialing password?

First, the real password is forgotten, and the vro Configuration Parameter contains the password saving information, but the password information is "*" when it is processed by the vro, in this case, we need to reset the dialing password.

Ii. browser handle restoration method

First, we can try to restore it through the browser handle. Generally, there are many tools available on the Internet. We can simply drag and drop the asterisks and passwords without relevant programming knowledge. Here, the pen recommends a small tool named revelation.exe to readers. It is a green version program. After running this program, we will drag the cross cursor of the software interface to the asterisk password to be displayed and release the mouse button, at this time, we will see the plaintext password information in the main display area of the software, so that we can smoothly view the asterisk password function. This tool is of low capacity. I will send it to IT168 readers in the form of attachments.

Tip: Generally, the software used to view asterisks in the handle is used by the IE browser. Therefore, you can use the IE browser to open the asterisks page and view the plaintext information corresponding to the asterisks through the handle.

3. view the asterisks and passwords using the advanced Handle Tool

However, many readers have encountered that the asterisk information cannot be viewed through the simple handle analysis software. In this case, we can try the advanced handle viewing tool to analyze the handle through the extended functions of these software, in this way, the plaintext of the asterisk information can be restored smoothly. Here I recommend a Super tool, coralspy. This tool can view the plaintext information corresponding to the asterisk through the analysis handle, if the page uses an encryption method to protect the asterisk, we can also view the real plaintext through its advanced analysis function.

After the software is started, the corresponding asterisk display page is opened. Then, you can drag the asterisk to view the asterisk. For general pages, we can directly see the plaintext information displayed in the software window.

If the page is encrypted with asterisks, click the extended advanced features button of the software and switch to the IE or IE2 tab. The software will analyze the page further, then we can see the plaintext information corresponding to the asterisk in the following form element, the author successfully restored the dial-up account stored in the D-LINK router and the corresponding asterisk password plaintext information. The author also sends this tool as an attachment to readers.

4. Analyze asterisks in plaintext using the source file Method

Of course, sometimes there may be no relevant software at hand. Is there a way to restore the password with bare hands? The answer is yes. We can first open the page with an asterisk encrypted, and then open the corresponding source file on the page through "View"-> "source file" in the browser, find the account or password field through the "Search" function in the source file. Sometimes the information corresponding to the asterisk is stored in the source file in plaintext, we use this function to smoothly analyze the plaintext information of the asterisk.

However, this method has a lot of limitations. The asterisks on many pages cannot be used to analyze the plain text. In addition, some pages are created through the framework. Viewing the source files can only display the Framework Code, therefore, this function cannot be used for analysis. Some pages even prohibit users from viewing source files, which also gives users nowhere to start.

Of course, I also found that, in case of any of the above problems, I can try to save the page as an HTML file and then open it locally. This will solve the problem of not allowing the webpage to view the source file, you can also locate the real page file from the analysis framework of the saved HTML file. After you view the source file, you can still find the plaintext information of the stored Asterisk and password by searching for keywords.

TIPS: if we are using browsers such as maxthon, the operation will be simpler. Select the line of password and drag it. Your Maxthon browser will automatically open a page, search for the keyword on the page to find the plaintext of the password.

5. Analyze the configuration file to restore the asterisks and passwords in plaintext

In addition to the methods described above, we can also analyze the configuration file to restore the asterisk (*) plaintext. Readers who have experience configuring vrouters know that many home broadband routers currently provide the configuration saving and recovery functions. We can use this function to save the parameter information configured on the vro. In this way, we can analyze the saved configuration file to obtain the plaintext information of the asterisk password.

First, go to the vro System Management menu and save all configuration parameter information in the form of a file. Click "save" to copy the information to the local disk. Of course, the format of each router configuration file is different, for example, the author's D-LINK will use *. the gws suffix extension saves the configuration file. Some routers directly Save the configuration to the TXT format, which makes the analysis easier and more convenient.

Then we select the saved configuration file on the desktop and open it through the Notepad program.

After opening the configuration file, there may be a lot of garbled characters, but you don't have to worry about using the "Search" function to search for related keywords. If the configuration file is not encrypted, we can find the plaintext information corresponding to the asterisk password.

TIPS: the method of finding the asterisk plaintext by analyzing the configuration file is effective, but for some vendors, they store configuration information in their own unique formats or encrypt the configuration file themselves, this method cannot play a very good role.

6. self-built PPPOE server ultimate cracking asterisks password plaintext

Finally, I will introduce you to the ultimate method of restoring the asterisk password to plain text. He has high technical requirements for user operators, however, after years of attempts by the author, no vro can escape this method to capture and crack it.

Before introducing this method, we need to describe a special case. If you use the methods described above to find that the plaintext of the password is such information as "Hello123World" or "PASSNOCHANGE, this shows that your vro security capabilities are quite powerful. These fields are encrypted by the vro manufacturer to prevent unauthorized users from maliciously viewing the asterisk in plaintext. In this case, we first try to see if other related functional pages also store the asterisk data and use the methods mentioned above to restore the plaintext, if all the methods are invalid and other pages do not save the same asterisk data or are encrypted, we can only use the self-built PPPOE server to ultimately crack the asterisk password in plaintext.

(1) Principles of self-built PPPOE Server

As we all know, when we save the PPPOE dial-up password information to the vro, The vro will make a dial-up connection through the WAN Interface each time the connection is established to the INTERNET, A dial-up request will inevitably generate a dial-up network packet. Can we analyze these dial-up network packets to find the PPPOE password in plaintext? The answer is yes, but we need to simulate a PPPOE server similar to the telecom department to receive data from the PPPOE client. Therefore, this method simulates your computer as a PPPOE server of the telecommunications department, and then connects your Nic to the WAN interface of the router, finally, install the sniffer tool in the computer system to monitor the traffic data of the NIC connected to the WAN interface, and analyze the PPPOE dial-up account information and password.

(2) Limitations of self-built PPPOE server Methods

Although the self-built PPPOE server method is very powerful, if you are using the ADSL cat integrated routing function or the router itself has the ADSL cat dialing function at home, we will be powerless, because the external connection ports of these devices are telephone line interface 201711, our network cable cannot be connected and thus the sniffer monitoring data packet function cannot be implemented.

(3) self-built PPPOE server program

The self-built PPPOE server program varies according to the system. If it is a windows system, you can use RouterOS to simulate your computer into a high-performance router, and then configure the relevant PPPOE server parameters on the router. For a Linux system, we can directly download the pppoe SERVER program at http://roaringpenguin.luky.org/pppoe/javasdownloadaddress.

(4) monitor data to find the asterisk password in plaintext

Simulate your computer as a PPPOE server, connect the network adapter to the WAN interface of the router, and then monitor the network adapter through monitoring data packet tools such as sniffer or wireshark, we can analyze the user name and password of PPPOE dialing through the captured data packets. For example, the author successfully found the PPPOE dialing user name and password plaintext information stored in the TP-R402 device management interface through this method.

TIPS: If no proper PPPOE server program is found, we can add a silly HUB or low-end switch between the router and ADSL cat, and then connect one of our computers to one of the HUB ports, the sniffer tool can also monitor PPPOE dial-up data packets to analyze the plaintext information of the dial-up account name and password.

VII. Summary

All the major roads are connected to Rome. In this article, I have introduced several methods such as bare-handed fist, handle tool, and self-built server. I believe that you can find the asterisk (*) plaintext data stored in the vro according to these methods, this avoids the trouble caused by password loss, so we don't have to waste time and effort on restoring the password in the telecom department.