Image
In the yard to see a no-one router (ws860s), looks like a black tech gadgets, just want to go inside to see, in the end what fun. See the label on the back of the Web interface address, and then log in to see, found a password, and then I think, the router password should be reset, and then I use the pen stamp that reset key, the miracle did not happen, the original reset key broken.
Image
Image
Analysis process
Grab Bag
1. Open the Routed Web page: 192.168.3.1, router back
Image
Image
You get csrf and cookies and the values you need to keep them, which you'll use later.
2. After entering the user name password:
Image
Image
Image
Image
3. The Router returns data
Image
How to generate a password
From the results of the above grab packet, password field is encrypted, so if we want to Python brute force hack, we need to find out the password generation algorithm.
Open the Web login page, view the source code, find the algorithm
Image
Image
Image
Image
Image
To modify the IP address on Linux, a simple command can be resolved:
Image
[PASSWORD:BBBBBBBB]; {"Errorcategory": "User_pass_err", "Csrf_param": "Fcng919l8j7xhqsoyqems3whsc2lisx", "Count": 2, "Csrf_token": "IQ/ Lfszsx7gtp6vflynzelobnspomy2 "}
The IP address is limited and you need to wait 1 minutes for prompt:
[PASSWORD:AAAAAAAA]; {"Errorcategory": "Three_time_err", "Csrf_param": "Vkgtylvilqa9sfstyydpkhv8qfjpiiw", "Count": 3, "Csrf_token": " Mtqlbcwqn+1djjap+a6xc4ausxcibod "}
Tips for Successful login:
[Password:xxxxxxxx]; {"Csrf_param": "H/dywxogz7+2y4ufzhqddowkjh1ul04", "Csrf_token": "Morgbb0+pnpoe8khwbwq4ooiod2nccs", "ErrorCategory" : "OK", "Level": 2, "IsWizard": True, "IsFirst": true}
Process
Image
All the data is ready, and the next step is to start using Python to write the program.
Core Python code:
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
How to prevent violent cracking?
Image
Limit the number of errors using Python's infinite burst router password? Useless to Python!