Unauthorized logon to Ruyi cloud router Management page can be cracked, dns phishing can be modified, and root and repair solutions of the vroroot can be controlled.

Unauthorized logon to Ruyi cloud router Management page can be cracked, dns phishing can be modified, and root and repair solutions of the vroroot can be controlled.

The current vro is intelligent and interactive, but once poorly managed, it is easy to cause major problems.

 

Then I searched for information about Ruyi cloud on the Internet. I was very excited because it was based on openwrt like my pole routes and Xiaomi routes.

This is a small linux host.

I tried to scan the port and found the following information. ssh is on.
 

I tried to crack it, but it was never successful. So I had some gains in viewing password management problems in the Forum.
 

Log in directly as a result

 

The logon interface is as follows:
 

Login, in order to indicate that not my own router is used to brush points, I also have my own Router
 

Next, we will find that the web login verification of Ruyi cloud vro is based on the system.

Then log on to the system through ssh and execute ifconfig.
 

So far, penetration is over! From the forum, the unified default password for such vrouters is 54321.

The ssh telnet port is enabled by default.
 

Solution:

1. The password should be randomly generated to the user via text message or email. Do not use the unified default password.

2. Close the corresponding port. Most people still do not go to hack. Only a few people go to hack to enable it themselves.

3 The default vro login address is not external, which may remind the user

4. Two systems are recommended for web system login and system permission authentication.

5. Restrict Login