Limit the number of errors using Python's infinite burst router password? Useless to Python!

Source: Internet
Author: User

Image

In the yard to see a no-one router (ws860s), looks like a black tech gadgets, just want to go inside to see, in the end what fun. See the label on the back of the Web interface address, and then log in to see, found a password, and then I think, the router password should be reset, and then I use the pen stamp that reset key, the miracle did not happen, the original reset key broken.

Image

Image

Analysis process

Grab Bag

1. Open the Routed Web page: 192.168.3.1, router back

Image

Image

You get csrf and cookies and the values you need to keep them, which you'll use later.

2. After entering the user name password:

Image

Image

Image

Image

3. The Router returns data

Image

How to generate a password

From the results of the above grab packet, password field is encrypted, so if we want to Python brute force hack, we need to find out the password generation algorithm.

Open the Web login page, view the source code, find the algorithm

Image

Image

Image

Image

Image

To modify the IP address on Linux, a simple command can be resolved:

Image

[PASSWORD:BBBBBBBB]; {"Errorcategory": "User_pass_err", "Csrf_param": "Fcng919l8j7xhqsoyqems3whsc2lisx", "Count": 2, "Csrf_token": "IQ/ Lfszsx7gtp6vflynzelobnspomy2 "}

The IP address is limited and you need to wait 1 minutes for prompt:

[PASSWORD:AAAAAAAA]; {"Errorcategory": "Three_time_err", "Csrf_param": "Vkgtylvilqa9sfstyydpkhv8qfjpiiw", "Count": 3, "Csrf_token": " Mtqlbcwqn+1djjap+a6xc4ausxcibod "}

Tips for Successful login:

[Password:xxxxxxxx]; {"Csrf_param": "H/dywxogz7+2y4ufzhqddowkjh1ul04", "Csrf_token": "Morgbb0+pnpoe8khwbwq4ooiod2nccs", "ErrorCategory" : "OK", "Level": 2, "IsWizard": True, "IsFirst": true}

Process

Image

All the data is ready, and the next step is to start using Python to write the program.

Core Python code:

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

Image

How to prevent violent cracking?

Image

Limit the number of errors using Python's infinite burst router password? Useless to Python!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.